|
Vulnerability Development
mailing list archives
Possible security exploit on Yahoo! Messenger : permits disclosure of any logged party's authentication and profile information
From: "CheetaChat Security Group" <security () cheetachat com>
Date: 18 Nov 2001 06:53:10 -0000
(Information provided by third party, not verified for accuracy. Please
contact submitter (in message body) for details.)
Path of replication:
Standalone winsock client, based off logged packet handshake between Y!
Messenger and Yahoo messenger server. After successful authentication
handshake, profile and authentication information for other logged parties
can be obtained by simply attempting authentication, the password hash
exchange that follows is not validated for authenticity.
Information provided by:
Name: Jason Cook (mystikal)
E-Mail: mystikal () cableone net
Impact: Allows any person to gain access to any logged user's security
authentication and profile, and access to Yahoo! systems that utilize that
authentication information.
More specifically, it gives the exploiter access to people's profiles,
information about person contact information, editing information, and
possibly access to private files and mail.
This appears to be actively exploited in the wild at the moment. Persons
have logged in with admin aliases who are clearly not such persons, and
abusing administrative commands.
Exploit code is available from:
Name: Jason Cook (mystikal)
E-Mail: mystikal () cableone net
 By Date 
By Thread
Current thread:
- Possible security exploit on Yahoo! Messenger : permits disclosure of any logged party's authentication and profile information CheetaChat Security Group (Nov 18)
|
Intro
