Security problems in Yahoo Messenger
SecurityFocus reports at http://online.securityfocus.com/archive/1/257584
a series of security
problems affecting the correct functioning of Yahoo Messenger version 5.
This version of Yahoo Messenger listens on port 5101 of the client computer,
which creates a series of problems that could be exploited by an attacker
that sends traffic to the aforementioned port in the targeted user's
computer. More precisely, an attacker could perform the following actions on
the affected system:
-Carry out a denial of service attack on Yahoo Messenger by overflowing the
message field in the yahoo protocol. Similar effects can be caused by
overflowing the Imvironment field.
-Send messages under another name, impersonating a sender.
-Send multiple messages from different names, flooding a certain user with
messages and overloading their client.
-Add a person to their list of contacts *(without the person's consent) and
send messages to them until the person's IP address is sent in a message
over Yahoo's server.
"When fascism comes to America it will come wrapped in the flag and carrying a cross." Sinclair Lewis
|« Previous Thread | Next Thread »|
|Thread Tools||Search this Thread|