Re: Yahoo Messenger - Multiple Vulnerabilities

From: Ben Laurie (benat_private)
Date: Mon May 27 2002 - 12:48:04 PDT

Next message: Tamer Sahin: "[SecurityOffice] Falcon Web Server Unauthorized File Disclosure Vulnerability"

Previous message: SeazoN: "wbbboard 1.1.1 registration _new_users_vulnerability_"
In reply to: Phuong Nguyen: "Yahoo Messenger - Multiple Vulnerabilities"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Phuong Nguyen wrote:
> Given there are now somewhere between 13-65 million
> Yahoo! Messenger users worldwide (as described in the
> Summary above), the potential impact of this
> vulnerability poses a highly significant threat to
> users who do not soon upgrade their Yahoo! Messenger
> clients.

Or, if they're smart, simply disable the URL (use regedit to edit 
HKEY_CLASSES_ROOT\ymsgr\shell\open\command to something that doesn't exist).

Cheers,

Ben.

-- 
http://www.apache-ssl.org/ben.html       http://www.thebunker.net/

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff

Next message: Tamer Sahin: "[SecurityOffice] Falcon Web Server Unauthorized File Disclosure Vulnerability"
Previous message: SeazoN: "wbbboard 1.1.1 registration _new_users_vulnerability_"
In reply to: Phuong Nguyen: "Yahoo Messenger - Multiple Vulnerabilities"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Mon May 27 2002 - 15:07:44 PDT