UGN Security Forums
My ProfileMember DirectoryLogin
Search our ForumsView our FAQView our Site Rules
View our CalendarView our Active TopicsGo to our Main Page

UGN Security Store
 

Network Sites UGN Security, The GoNix Initiative, Elite Web Gamers, Back of the Web, EveryDay Helper, VNC Web Design & Development
September
Su M Tu W Th F Sa
1 2 3 4 5 6
7 8 9 10 11 12 13
14 15 16 17 18 19 20
21 22 23 24 25 26 27
28 29 30
Sponsored Links
Latest Postings
Doom 3
by Cyrez
09/11/14 08:58 PM
The History Thread...
by Cyrez
09/11/14 08:56 PM
Amazon Gift Card Generator/KeyGen?te
by Gecko666
08/22/14 09:21 AM
Latest Reviews
Topic Options
Rate This Topic
#7787 - 05/20/02 12:37 PM Security of Yahoo PM ?
Tom Offline
Junior Member

Registered: 05/20/02
Posts: 1
Loc: So Calif
I was wondering if Yahoo PM or private chat rooms are subject to cracking?

Top
Sponsored Links
      
#7788 - 05/20/02 02:31 PM Re: Security of Yahoo PM ?
Gremelin Online   shocked

Community Owner
*****

Registered: 02/28/02
Posts: 7192
Loc: Portland, OR; USA
There is always a possibility of cracking/hacking to anything anywhere, I believe that Yahoo did have a problem some time ago with cracking, but I'm not sure if they fixed their breach.
_________________________
Donate to UGN Security here.
UGN Security, Back of the Web, Elite Web Gamers & VNC Web Design Owner

Top
#7789 - 05/20/02 04:16 PM Re: Security of Yahoo PM ?
Le4rner Offline
UGN Supporter

Registered: 03/05/02
Posts: 562
I said it before, and I'll say it again. NOTHIN is secure in networking. If you can unlock it for privilaged users, then you can crack it. It is that simple. Security is a matter of path of least resitance and obsurity.

If you are more secure than jimmy over there, most will go for jimmy. If his weaknesses are published and yours aren't. He is most likely to get hacked. However, you can stil be hacked. Every program every computer can be hacked. This may stop with the introduction of the q-bit. But probably not. [Angel]
_________________________
http://promodtecnologies.com/rrfn

Top
#7790 - 05/30/02 01:04 PM Re: Security of Yahoo PM ?
blackh0le Offline
Junior Member

Registered: 03/13/02
Posts: 11
sorry about the messed up page. here's the link instead:

http://viceconsulting.com/cons/servs/infosec/yimvul001/alert00.html

Top
#7791 - 05/30/02 01:06 PM Re: Security of Yahoo PM ?
blackh0le Offline
Junior Member

Registered: 03/13/02
Posts: 11
sorry i had to post it like that. it had some "<" and the bbs wouldnt allow that.

heres another one.

Quote:

Yahoo! Messenger! multiple! vulns!

By Thomas C Greene in Washington
Posted: 28/05/2002 at 09:08 GMT

There are two new Yahoo Instant Messenger (YIM) vulnerabilities which can potentially compromise a user's machine, Vietnamese researcher Phuong Nguyen has discovered. Yahoo! has been notified and a fixed version is available for download here.

First up, an unchecked buffer which enables any URL beginning with 'ymsgr:' to call ypager.exe, crash it and run malicious code if the messenger is integrated with the browser. All that's needed is 268 bytes to overflow the buffer, and exploit code can be loaded with the user's level of privilege. The 'call', 'sendim', 'getimv', 'chat', 'addview' and 'addfriend' function calls can be exploited, Nguyen says.

Next up a problem with the 'addview' feature which enables the messenger to view Web content on its own. This is vulnerable to freaky URLs and malicious JavaScript and VB script. Yahoo! content can be duplicated and malicious scripts embedded in the HTML to give an attacker numerous means to exploit a target. See Nguyen's original advisory for links to a couple of simple demonstrations (which I've not verified). Yahoo! has removed this particular 'feature' in the fixed version pending further engineering magic to make it safe, Nguyen says.
links:

http://download.yahoo.com/dl/installs/ymsgr/ymsgr_1065.exe
http://viceconsulting.com/cons/servs/infosec/yimvul001/alert00.html

Top
#7792 - 05/30/02 01:08 PM Re: Security of Yahoo PM ?
blackh0le Offline
Junior Member

Registered: 03/13/02
Posts: 11
what the hell just happen to the page?

Top
#7793 - 05/30/02 08:42 PM Re: Security of Yahoo PM ?
Gremelin Online   shocked

Community Owner
*****

Registered: 02/28/02
Posts: 7192
Loc: Portland, OR; USA
his [code] tags
_________________________
Donate to UGN Security here.
UGN Security, Back of the Web, Elite Web Gamers & VNC Web Design Owner

Top
#7794 - 05/31/02 04:45 AM Re: Security of Yahoo PM ?
SilentRage Offline
DollarDNS Owner

Registered: 03/04/02
Posts: 1273
Loc: OH, USA
ya, if UBB would just topalign and leftalign all of it's message TD tags than things would look a lot better - even with Learner's code tags.

Or, if that's not the problem, then instead of embedding tables within another, then just use one large table so that all the elements would line up.
_________________________
Domain Registration, Hosting, Management
http://www.dollardns.net

Top
#7795 - 05/31/02 12:07 PM Re: Security of Yahoo PM ?
Curse Offline

Enforcement Admin

Registered: 03/04/02
Posts: 533
Loc: San Andreas
Okay... Which one of you little brats screwed up the formatting of the UBB table? *takes off belt abd folds it in half*

Top

Moderator:  Infinite 
Featured Member
Registered: 08/22/14
Posts: 1
Forum Stats
2148 Members
46 Forums
34402 Topics
69571 Posts

Max Online: 1567 @ 04/25/10 02:20 AM
Top Posters
UGN Security 27564
Gremelin 7192
§intå× 3255
SilentRage 1273
Ice 1146
pergesu 1136
Infinite 1041
jonconley 955
Girlie 908
unreal 860
Newest Members
Gecko666, defghi795767, Devo60, ali, lavos
2147 Registered Users
Who's Online
1 registered (Gremelin), 61 Guests and 51 Spiders online.
Key: Admin, Global Mod, Mod
Latest News


Donate
  Get Firefox!
Get FireFox!