Bugtraq mailing list archives

Yahoo! Instant Messenger
From: "Shaun O'Callaghan" <the_duke247 () YAHOO COM>
Date: Sun, 14 Jan 2001 15:42:41 -0000

When being warned by my firewall that some packet 
contents may contain sensitive data when connecting 
to Yahoo! servers with the popular Yahoo! Instant 
Messenger, I found to my amazement my username 
and password combination were being sent to the 
server in plain text.

This is performed to the many Yahoo! servers by a 
plain GET request on the standard ports that YIM 
uses.  As far as I am aware, this is affecting all 
clients on all operating systems.  YIM passwords also 
are used for mail, calendars, bill paying, auction 
bidding (which hold CC numbers) as well as other 
information including addresses on various users.  I 
feel this is a very dangerous exploit and comes not 
long after I discovered the remote character buffer 
overflow vulnerability in a previous version, hope it 
was of some help.


Security Editor - BlackBox
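
The kind of check the poster's firewall performed can be sketched as follows. This is an added example, not part of the original post: it inspects captured TCP payloads for a cleartext HTTP GET whose query string carries a password. The post does not name the request path or parameters, so the parameter names, host and sample payloads below are assumptions constructed for illustration.

```python
from urllib.parse import urlsplit, parse_qsl

# Assumed credential-bearing parameter names; the post does not name the real ones.
SECRET_KEYS = {"passwd", "password", "pass", "pw", "pwd"}
USER_KEYS = {"login", "user", "username", "id"}

def inspect_request(payload: bytes):
    """Return a finding for a cleartext GET that carries a password in its
    query string, or None. The secret value is never copied into the finding."""
    head = payload.split(b"\r\n\r\n", 1)[0].decode("latin-1")
    lines = head.split("\r\n")
    parts = lines[0].split(" ")
    # Only a well-formed plaintext request line qualifies; TLS records and
    # other binary protocols fail this test and are ignored.
    if len(parts) != 3 or parts[0] != "GET" or not parts[2].startswith("HTTP/"):
        return None
    host = next((l.split(":", 1)[1].strip() for l in lines[1:]
                 if l.lower().startswith("host:")), "")
    url = urlsplit(parts[1])
    params = parse_qsl(url.query, keep_blank_values=True)
    secrets = [k for k, v in params if k.lower() in SECRET_KEYS and v]
    if not secrets:
        return None
    users = [v for k, v in params if k.lower() in USER_KEYS]
    redacted = "&".join(
        f"{k}=<redacted>" if k.lower() in SECRET_KEYS else f"{k}={v}"
        for k, v in params)
    return {"host": host, "path": url.path,
            "user": users[0] if users else None,
            "secret_params": secrets, "redacted_query": redacted}

# Constructed sample payloads (not captured traffic).
SAMPLES = [
    # Credentials in the query string of a plain GET: should be flagged.
    b"GET /login?login=alice&passwd=S3cret%21 HTTP/1.0\r\n"
    b"Host: im.example.test\r\n\r\n",
    # Plain GET without a secret: not flagged.
    b"GET /status?user=alice HTTP/1.0\r\nHost: im.example.test\r\n\r\n",
    # Start of a TLS handshake record: opaque to the check, not flagged.
    b"\x16\x03\x01\x00\xa5\x01\x00\x00\xa1\x03\x03",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(inspect_request(sample))
```

Because the secret sits in the request URL, it is also written to proxy and web server access logs, so the same redaction applies when searching those logs.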
