ISS X-Force Database: aim-icq-filetransfer-directory-traversal(33538): AOL Instant Messenger (AIM) and ICQ file transfer directory traversal

AOL Instant Messenger (AIM) and ICQ file transfer directory traversal

aim-icq-filetransfer-directory-traversal (33538)

Medium Risk

Description:

AOL Instant Messenger (AIM) and ICQ could allow a remote attacker to traverse directories on the system. By persuading a victim to accept a specially-crafted file transfer request containing "dot dot" sequences (/../) , a remote attacker could traverse directories and write files to arbitrary directories on the victim's system.

Note: In order to exploit this vulnerability using ICQ, the attacker is required to be on the contact list of the victim.

Platforms Affected:

AOL, AOL Instant Messenger 5.9 and prior
ICQ, America Online (AOL) ICQ 5.1 and prior

Remedy:

For AIM:
Upgrade to the latest version of AIM (6.1 or later), available from the AIM Web site. See References.

For ICQ:
AOL has provided an update for this vulnerability to all AOL ICQ users, which should be automatically applied once connected to the ICQ service from the ICQ Web site. See References.

Consequences:

File Manipulation

References:

AIM Web site, AIM 6.1 at http://www.aim.com/.
ICQ Web site, ICQ at http://www.icq.com.
iDefense Labs PUBLIC ADVISORY: 04.09.07, AOL AIM and ICQ File Transfer Path-Traversal Vulnerability at http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=508.
BID-23391: AOL AIM and ICQ Clients Directory Traversal Vulnerability
CVE-2007-1904: Directory traversal vulnerability in AOL Instant Messenger (AIM) 5.9 and earlier, and ICQ 5.1 and probably earlier, allows user-assisted remote attackers to write files to arbitrary locations via a .. (dot dot) in a filename in a file transfer operation.
SA24747: AOL Instant Messenger File Transfer Directory Traversal Vulnerability
SA24803: ICQ File Transfer Directory Traversal Vulnerability
SECTRACK ID: 1017890: AIM File Transfer Traversal Flaw Lets Remote Users Modify the Storage Location During a File Transfer
SECTRACK ID: 1017891: ICQ File Transfer Traversal Flaw Lets Remote Users Modify the Storage Location During a File Transfer
VUPEN/ADV-2007-1306: ICQ File Transfer Processing Remote Directory Traversal Vulnerability
VUPEN/ADV-2007-1307: AOL Instant Messenger File Transfer Feature Remote Directory Traversal Vulnerability

Reported:

Apr 09, 2007

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net

Return to the main page