Yahoo! Messenger Sploit! (SERIOUS)

**NetSyn** · May 30th, 2002, 02:02 PM

New sploit has been found in YIM (Yahoo! Instant Messenger)

Sploit Info

05. Threat Significance

Vulnerability #2 (above) demonstrates how potential attackers could replace or even visually replicate almost any YIM content and insert scripts into their own HTML that could be used to do almost anything on a YIM users machine. For example, it would not be too difficult to modify the demonstration exploit above to request a YIM user's ID and password and send it to any email address or Internet URL.

Minimum user intervention is required to exploit these vulnerabilities. Modifications of the ymsgr URLs provided could readily be hidden in HTML pages or emails with text or images enticing YIM users to click on them. Further, scripts could be used to load such ymsgr-exploit URLs into pop-up browser windows with no direct user intervention.

Given there are now somewhere between 13-65 million Yahoo! Messenger users worldwide (as described in the Summary above), the potential impact of this vulnerability poses a highly significant threat to users who do not soon upgrade their Yahoo! Messenger clients.

WE ALSO NEED A SECTION WHERE THIS TYPE OF TOPIC WOULD FIT BETTER, SUCH AS "RECENT THREATS" or "NEW SPLOITS" or "SECURITY RISK", i couldnt find anything that this thread would fit under so i put it here

***souleman*** · May 30th, 2002, 02:16 PM

Network or internet security would have probably been the best place for this thread, but who knows. We definately should have a general "New exploit/advisory" froum.

Slightly dated (early this month I believe) but still very relevant. Good find NetSyn.

***Und3ertak3r*** · May 30th, 2002, 02:22 PM

sploits / advisories..

AntiVirus Discussions? wouldn't that cover the topic..?

but your idea could make it easier to target.. k

Cheers

***Guus*** · May 30th, 2002, 02:31 PM

Originally posted here by NetSyn
(...) Given there are now somewhere between 13-65 million Yahoo! Messenger users (...)

What evil genius figured out those numbers? One number is five times higher than the other.

Anyway, nice find NetSyn.

**NetSyn** · May 30th, 2002, 03:52 PM

lol : ) i doubt this would fit under anti virus security.... and i really feel we need a place to talk about sploits in general or at least something close 2 it

***sumdumguy*** · May 30th, 2002, 06:07 PM

how about Miscellaneous Security Discussions...

**Shake** · May 30th, 2002, 06:36 PM

How about.......
Who cares where it is posted? It is good information, i am glad he put it in one of the places where traffic is heaviest, i would have never seen it in virus discussion.

**NetSyn** · May 30th, 2002, 08:36 PM

i didnt even see misc security till just now, thanx for pointing it out

**qwerty_smith** · May 30th, 2002, 08:45 PM

i'll have to agree. putting something in a well traveled area will not do harm...
so somebody has a choice of reading it. it is still good info. thnx netsyn. saved a few peoeple i know.

***jethro*** · May 30th, 2002, 09:45 PM

Yeah, I know that I have registered at least 100 Yahoo! accounts because I used to love GeoCities. But now that I haven't accessed any of them in about a year, I think they probably have been cancelled. Hmm, that's probably worth finding out...

Originally posted here by Guus

What evil genius figured out those numbers? One number is five times higher than the other.

Anyway, nice find NetSyn.

Thread: Yahoo! Messenger Sploit! (SERIOUS)

Thread Tools

Display

Yahoo! Messenger Sploit! (SERIOUS)

Re: Yahoo! Messenger Sploit! (SERIOUS)

Re: Re: Yahoo! Messenger Sploit! (SERIOUS)

Posting Permissions