Remote crashes in Yahoo messenger

From: Scott Woodward (scottat_private)
Date: Thu Feb 21 2002 - 09:03:57 PST

Next message: Tamer Sahin: "SecurityOffice Security Advisory:// Essentia Web Server Directory Traversal Vulnerability"

Previous message: obscure: "Gator installer Plugin allows any software to be installed"
Next in thread: Chris Bisnett: "Re: Remote crashes in Yahoo messenger"
Reply: Chris Bisnett: "Re: Remote crashes in Yahoo messenger"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

 All versions of Yahoo messenger version 5. Listens on port 5101 on client
machine.  (obviously to
 offload server traffic for IMs)

 problems:
 (for all of the problems listed below, the traffic is sent to the yahoo
messenger opened port, 5101)

 1.  One can crash yahoo messenger by overflowing the message field in the
 yahoo protocol.
 2.  One can crash yahoo messenger by overflowing the IMvironment field in
 the yahoo protocol.
 3.  One can send a message as a spoofed name.
 4.  One can send many many messages from different names, flooding the
 person.
 5.  One can add a person to their buddy list (without their consent even),
 then message them a few times and that persons IP address will be sent in a
 message over yahoo's server.

 I would imagine there are many many more security problems to be found.

Next message: Tamer Sahin: "SecurityOffice Security Advisory:// Essentia Web Server Directory Traversal Vulnerability"
Previous message: obscure: "Gator installer Plugin allows any software to be installed"
Next in thread: Chris Bisnett: "Re: Remote crashes in Yahoo messenger"
Reply: Chris Bisnett: "Re: Remote crashes in Yahoo messenger"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Feb 22 2002 - 10:59:07 PST