('binary' encoding is not supported, stored as-is) Im now 100% sure where I should post this or who to tell, but here goes. I was messing around with just installing some chat programs when I came across Yahoo Messenger. Well I started the install, and oddly enough its a lil different. Yahoo decided it would be easier for the user to just download all the install files from them, on the fly. The way it does it apperas to be via http: GET /download.yahoo.com/dl/installs/ymsgr/ymsgr_1228.exe HTTP/1.1 Then the server responds (a19.g.a.yimg.com). And sends the files. Well this sounds all fine and dany, except it sounds very familiar to what the Apple Software Update Util used to do. No passwords or secrity on the download. The installer never even seems to verify the files. This leads me to think that someone with enough time and brains could fool the "victim" computer to download some bogus Yahoo messenger files and install them instead of the legit ones. The info on the Apple Security Hole is at: http://www.cunap.com/~hardingr/projects/osx/exploit.html Of course this was fixed very quickly by Apple. Can someone verify this as a valid exploit? Thanks Kyle Duren
This archive was generated by hypermail 2b30 : Tue Aug 27 2002 - 11:49:09 PDT