|
Vulnerability Development
mailing list archives
Re: Yahoo pager
From: "Frantz, Blake" <blake () mc net>
Date: Thu, 31 Aug 2000 10:42:39 -0700
When I first posted this I CC'ed the notice to webmaster () yahoo com and recieved a bounce. I ended up filling out an
online form that pointed them to this list.
I'll post updates from Yahoo when I recieve them.
Blake Frantz
without knowing where the 0x61's comes from, I'd >really say it might be jumping to conclusions. >Perhaps this is an
broken snprintf implementation
which forgets to nullterminate on overflows, or >something similary. Then we ''only'' have to >figure out where the
arrays of 0x61 is used and >make the appropriate sequence to make YM change >it.
A bit work though ;)
Anyone up to the challenge?
Anyone contacted yahoo about the issue?
/me off to take a nap, work - what an horrible >thought :)
..:::::::::::::::::::::::::::::::::::::::::::::::>::..
http://www.11a.nu || http://bluefish.11a.nu
eleventh alliance development & security team
 By Date 
By Thread
Current thread:
- Yahoo pager Blake Frantz (Aug 30)
- <Possible follow-ups>
- Re: Yahoo pager Blake Frantz (Aug 30)
- Re: Yahoo pager Frantz, Blake (Aug 31)
|
Intro
