It will probably be hard for you to believe, but my girlfriend discovered a DoS vulnerability in Gaim. No, don’t worry. She is not a computer geek (One in a relationship is certainly enough). The story of my girlfriend’s important discovery goes like this:
I was chatting with her some days ago using Gaim (she uses MS Messenger). At some point, she had sent me the following attack vector:
:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(
:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(
:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(
:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(
:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(:(
As she deeply disliked something I had said to her …
emoticon. From a mysterious reason, a few dozens of sad emoticons made Gaim choke. CPU usage was at 100% and the system felt highly unresponsive. It was impossible to use Gaim at all.
Luckily, I was able to kill Gaim from the command-line. I started it again hoping for the best, however, when I opened the chat window again, the attack vector was still there (retrieved from the logs) and Gaim choked yet again. I had to manually remove the few last lines from the log files, so I’ll be able to speak with her again.
To make a long story short, my girlfriend is now happy again.
Note: This episode of Thesamet.com was recorded 10 days ago, when Gaim developers were notified of this.
Clarification: For some reason, some people consider this to be a chauvinistic post. My girlfriend is a very intelligent person, she is not interested in software security. We were both surprised that she unintentionally discovered this. That’s it.
P.S.: The first paragraph of this post was written by her. She said it will help it to “do well on digg”.
Pingback: MILITANTPLATYPUS » Blog Archive » Monday Morning News
Not entirely equivalent, but I’ve experienced similar issue with a gaim plugin as well: gaim-festival, which turns IM text into speech and speak it out. My colleagues make fun out of it, and send me messages like: “hihihihihihihihihihihihihihihihihi…” at first it’s really funny to see the sound deteriorate with the sheer length of message, but that managed to crash my gaim once later. I never turn it on again anymore.
Give me enough unhappy smileys and a point of access and I’ll shut down the web.
: )
I hope you die.
Seriously.
Don’t turn everything into something sexist. Go get hit by a bus, eat a bullet, just do something to leave this world.
You need to get rid of all your revolt and negativity brother. Lighten up and don’t be so constipated, you’ll feel a lot better and the whole world around you will SMILE.
Um… I seem to be missing the part where the “DoS” happens… to me, it just sounds like Gaim chokes up with a lot of smilies in one message. Very definitely *not* a DoS attack.