| Joined: May 2002 Posts: 1 Junior Member | OP Junior Member Joined: May 2002 Posts: 1 | I was wondering if Yahoo PM or private chat rooms are subject to cracking? | | | | Joined: Feb 2002 Posts: 7,203 Likes: 11 Community Owner | Community Owner Joined: Feb 2002 Posts: 7,203 Likes: 11 | There is always a possibility of cracking/hacking to anything anywhere, I believe that Yahoo did have a problem some time ago with cracking, but I'm not sure if they fixed their breach. | | | | Joined: Mar 2002 Posts: 562 UGN Supporter | UGN Supporter Joined: Mar 2002 Posts: 562 | I said it before, and I'll say it again. NOTHIN is secure in networking. If you can unlock it for privilaged users, then you can crack it. It is that simple. Security is a matter of path of least resitance and obsurity.
If you are more secure than jimmy over there, most will go for jimmy. If his weaknesses are published and yours aren't. He is most likely to get hacked. However, you can stil be hacked. Every program every computer can be hacked. This may stop with the introduction of the q-bit. But probably not. <img border="0" alt="[Angel]" title="" src="graemlins/angel.gif" /> | | | | Joined: Mar 2002 Posts: 11 Junior Member | Junior Member Joined: Mar 2002 Posts: 11 | | | | | Joined: Mar 2002 Posts: 11 Junior Member | Junior Member Joined: Mar 2002 Posts: 11 | sorry i had to post it like that. it had some "<" and the bbs wouldnt allow that. heres another one. Yahoo! Messenger! multiple! vulns!
By Thomas C Greene in Washington Posted: 28/05/2002 at 09:08 GMT
There are two new Yahoo Instant Messenger (YIM) vulnerabilities which can potentially compromise a user's machine, Vietnamese researcher Phuong Nguyen has discovered. Yahoo! has been notified and a fixed version is available for download here.
First up, an unchecked buffer which enables any URL beginning with 'ymsgr:' to call ypager.exe, crash it and run malicious code if the messenger is integrated with the browser. All that's needed is 268 bytes to overflow the buffer, and exploit code can be loaded with the user's level of privilege. The 'call', 'sendim', 'getimv', 'chat', 'addview' and 'addfriend' function calls can be exploited, Nguyen says.
Next up a problem with the 'addview' feature which enables the messenger to view Web content on its own. This is vulnerable to freaky URLs and malicious JavaScript and VB script. Yahoo! content can be duplicated and malicious scripts embedded in the HTML to give an attacker numerous means to exploit a target. See Nguyen's original advisory for links to a couple of simple demonstrations (which I've not verified). Yahoo! has removed this particular 'feature' in the fixed version pending further engineering magic to make it safe, Nguyen says.
links: http://download.yahoo.com/dl/installs/ymsgr/ymsgr_1065.exe http://viceconsulting.com/cons/servs/infosec/yimvul001/alert00.html | | | | Joined: Mar 2002 Posts: 11 Junior Member | Junior Member Joined: Mar 2002 Posts: 11 | | | | | Joined: Feb 2002 Posts: 7,203 Likes: 11 Community Owner | Community Owner Joined: Feb 2002 Posts: 7,203 Likes: 11 | | | | | Joined: Mar 2002 Posts: 1,273 DollarDNS Owner | DollarDNS Owner Joined: Mar 2002 Posts: 1,273 | ya, if UBB would just topalign and leftalign all of it's message TD tags than things would look a lot better - even with Learner's code tags.
Or, if that's not the problem, then instead of embedding tables within another, then just use one large table so that all the elements would line up. | | | | Joined: Mar 2002 Posts: 533 Enforcement Admin | Enforcement Admin Joined: Mar 2002 Posts: 533 | Okay... Which one of you little brats screwed up the formatting of the UBB table? *takes off belt abd folds it in half* | | |
Posts: 35 Joined: August 2003
| | Forums41 Topics33,840 Posts68,858 Average Daily Posts0 | Members2,176 Most Online3,253 Jan 13th, 2020 | | | | | | | | | | | Doom 3 by Cyrez - 09/11/14 08:58 PM
| | | | | | | | | | | | | | | | | | |