(Information provided by third party, not verified for accuracy. Please contact submitter (in message body) for details.)

Path of replication: Standalone winsock client, based off logged packet handshake between Y! Messenger and Yahoo messenger server. After successful authentication handshake, profile and authentication information for other logged parties can be obtained by simply attempting authentication; the password hash exchange that follows is not validated for authenticity.

Information provided by:
Name: Jason Cook (mystikal)
E-Mail: mystikalat_private

Impact: Allows any person to gain access to any logged user's security authentication and profile, and access to Yahoo! systems that utilize that authentication information. More specifically, it gives the exploiter access to people's profiles, information about person contact information, editing information, and possibly access to private files and mail. This appears to be actively exploited in the wild at the moment. Persons have logged in with admin aliases who are clearly not such persons, and are abusing administrative commands.

Exploit code is available from:
Name: Jason Cook (mystikal)
E-Mail: mystikalat_private
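
A minimal server-side model of the check this report describes as missing, added here as an example and not code from the submitter or from Yahoo!: the session releases profile data only after the client's hash response has been verified. The account store, the HMAC-SHA256 response format and all function names are assumptions made for illustration; the report does not describe the real protocol's messages.

```python
import hashlib
import hmac
import secrets

# Constructed sample account store (hypothetical, not Yahoo!'s data model).
USERS = {"alice": {"pw_hash": hashlib.sha256(b"correct horse").hexdigest(),
                   "profile": {"email": "alice@example.test"}}}

class Session:
    """Server-side state for one login attempt."""
    def __init__(self, username):
        self.username = username
        self.challenge = secrets.token_hex(16)  # fresh per attempt
        self.authenticated = False

def expected_response(pw_hash, challenge):
    # Assumed response format: HMAC-SHA256 keyed with the stored password hash.
    key = bytes.fromhex(pw_hash)
    return hmac.new(key, challenge.encode(), hashlib.sha256).hexdigest()

def begin_login(username):
    """Step 1: issue a challenge. No account data is returned at this point."""
    return Session(username)

def finish_login(session, response):
    """Step 2: validate the hash response before the session counts as logged in."""
    if session.challenge is None:        # challenge already used: reject replays
        return False
    user = USERS.get(session.username)
    # Dummy key for unknown users so both paths perform the same work.
    pw_hash = user["pw_hash"] if user else "00" * 32
    want = expected_response(pw_hash, session.challenge)
    ok = hmac.compare_digest(want.encode(), response.encode())
    session.challenge = None             # single use, success or failure
    session.authenticated = bool(user) and ok
    return session.authenticated

def get_profile(session):
    """Profile data is gated on a verified exchange, not on an attempted one."""
    if not session.authenticated:
        raise PermissionError("hash exchange not verified")
    return USERS[session.username]["profile"]
```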
This archive was generated by hypermail 2b30 : Sun Nov 18 2001 - 09:25:18 PST