AOL Instant Messenger Password Encryption Weakness

AOL Instant Messenger Password Encryption Weakness

It has been reported that AOL Instant Messenger uses a weak method of encryption
while negotiating its sign on process.

The first FLAP packets sent to the OSCAR logon server contain the user login password and screen name which are encrypted using a weak XOR method that is trivial to decrypt.