Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Security Incidents mailing list archives

RE: Yahoo Messenger Stale Sessions
From: "David Gillett" <gillettdavid () fhda edu>
Date: Wed, 13 Nov 2002 09:35:11 -0800
  Not so arbitrary.  He needs to not only spoof the IP 
address your friend had, but also get the other port number 
and the TCP sequence number right.  Which might not be much
challenge *IF* he was able to sniff your original conversation.
(If he's spoofing rather than assuming the address, he'll need 
to sniff your machine's responses....)

  That much probably limits it to people within either your,
or your friend's, network provider.  Then there's the question
of what to do with this connection.  Is there a vulnerability
in Yahoo Messenger that could be exploited from there?  (If
so, should you be using it at all?)

David Gillett



-----Original Message-----
From: Leonard.Ong () nokia com [mailto:Leonard.Ong () nokia com]
Sent: Tuesday, November 12, 2002 5:39 PM
To: incidents () securityfocus com
Subject: RE: Yahoo Messenger Stale Sessions


Hello All,

During my observation in daily use of Yahoo Messenger, my 
computer has "stale/zombie" sessions.  For example, If i have 
received/message a friend, yahoo will normally make a direct 
connection from my PC to my friend.  From Netstat result, you 
can see a high port on my computer is having an Established 
session with my peer's:5101 port.

The issue is, after a contact has gone offline (dial-up), the 
state established in the netstat will remain until the next 
day.  I wouls see this as a vulnerabilities, since an 
arbitrary user can assume the IP Address was used 
(dial-up->dynamic ip assignment), and use this established 
session to assume it.

Any idea ?


Regards,
Leonard Ong
Network Security Specialist, APAC
NOKIA

Email.  Leonard.Ong () nokia com
Mobile. +65 9431 6184
Phone.  +65 6723 1724
Fax.    +65 6723 1596



--------------------------------------------------------------
--------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com



----------------------------------------------------------------------------
This list is provided by the SecurityFocus ARIS analyzer service.
For more information on this free incident handling, management 
and tracking system please see: http://aris.securityfocus.com

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]