Your browser does not seem to support CSS. If images appear below, please disregard them.
toggle
July
S M T W T F S
1 2
3 4 5 6 7 8 9
10 11 12 13 14 15 16
17 18 19 20 21 22 23
24 25 26 27 28 29 30
31
Sponsored Links
Latest Postings
· Blackbeard.....
by Gremelin on 07/04/16 08:31 PM
Topic Options
Rate This Topic
#7787 - 05/20/02 07:37 PM Security of Yahoo PM ?
Joined: May 2002
Posts: 1
Tom Offline
Junior Member
Tom Offline
Junior Member

Joined: May 2002
Posts: 1
So Calif
I was wondering if Yahoo PM or private chat rooms are subject to cracking?

Top
Sponsored Links
#7788 - 05/20/02 09:31 PM Re: Security of Yahoo PM ?
Joined: Feb 2002
Posts: 7,195
Gremelin Offline
Community Owner
Gremelin Offline

Community Owner

Joined: Feb 2002
Posts: 7,195
Portland, OR; USA
There is always a possibility of cracking/hacking to anything anywhere, I believe that Yahoo did have a problem some time ago with cracking, but I'm not sure if they fixed their breach.


Donate to UGN Security here.
UGN Security, Back of the Web, and VNC Web Services Owner
Top
#7789 - 05/20/02 11:16 PM Re: Security of Yahoo PM ?
Joined: Mar 2002
Posts: 562
Le4rner Offline
UGN Supporter
Le4rner Offline
UGN Supporter

Joined: Mar 2002
Posts: 562
I said it before, and I'll say it again. NOTHIN is secure in networking. If you can unlock it for privilaged users, then you can crack it. It is that simple. Security is a matter of path of least resitance and obsurity.

If you are more secure than jimmy over there, most will go for jimmy. If his weaknesses are published and yours aren't. He is most likely to get hacked. However, you can stil be hacked. Every program every computer can be hacked. This may stop with the introduction of the q-bit. But probably not. [Angel]

Top
#7790 - 05/30/02 08:04 PM Re: Security of Yahoo PM ?
Joined: Mar 2002
Posts: 11
blackh0le Offline
Junior Member
blackh0le Offline
Junior Member

Joined: Mar 2002
Posts: 11
sorry about the messed up page. here's the link instead:

http://viceconsulting.com/cons/servs/infosec/yimvul001/alert00.html

Top
#7791 - 05/30/02 08:06 PM Re: Security of Yahoo PM ?
Joined: Mar 2002
Posts: 11
blackh0le Offline
Junior Member
blackh0le Offline
Junior Member

Joined: Mar 2002
Posts: 11
sorry i had to post it like that. it had some "<" and the bbs wouldnt allow that.

heres another one.

Quote:

Yahoo! Messenger! multiple! vulns!

By Thomas C Greene in Washington
Posted: 28/05/2002 at 09:08 GMT

There are two new Yahoo Instant Messenger (YIM) vulnerabilities which can potentially compromise a user's machine, Vietnamese researcher Phuong Nguyen has discovered. Yahoo! has been notified and a fixed version is available for download here.

First up, an unchecked buffer which enables any URL beginning with 'ymsgr:' to call ypager.exe, crash it and run malicious code if the messenger is integrated with the browser. All that's needed is 268 bytes to overflow the buffer, and exploit code can be loaded with the user's level of privilege. The 'call', 'sendim', 'getimv', 'chat', 'addview' and 'addfriend' function calls can be exploited, Nguyen says.

Next up a problem with the 'addview' feature which enables the messenger to view Web content on its own. This is vulnerable to freaky URLs and malicious JavaScript and VB script. Yahoo! content can be duplicated and malicious scripts embedded in the HTML to give an attacker numerous means to exploit a target. See Nguyen's original advisory for links to a couple of simple demonstrations (which I've not verified). Yahoo! has removed this particular 'feature' in the fixed version pending further engineering magic to make it safe, Nguyen says.
links:

http://download.yahoo.com/dl/installs/ymsgr/ymsgr_1065.exe
http://viceconsulting.com/cons/servs/infosec/yimvul001/alert00.html

Top
#7792 - 05/30/02 08:08 PM Re: Security of Yahoo PM ?
Joined: Mar 2002
Posts: 11
blackh0le Offline
Junior Member
blackh0le Offline
Junior Member

Joined: Mar 2002
Posts: 11
what the hell just happen to the page?

Top
#7793 - 05/31/02 03:42 AM Re: Security of Yahoo PM ?
Joined: Feb 2002
Posts: 7,195
Gremelin Offline
Community Owner
Gremelin Offline

Community Owner

Joined: Feb 2002
Posts: 7,195
Portland, OR; USA
his [code] tags


Donate to UGN Security here.
UGN Security, Back of the Web, and VNC Web Services Owner
Top
#7794 - 05/31/02 11:45 AM Re: Security of Yahoo PM ?
Joined: Mar 2002
Posts: 1,273
SilentRage Offline
DollarDNS Owner
SilentRage Offline
DollarDNS Owner

Joined: Mar 2002
Posts: 1,273
OH, USA
ya, if UBB would just topalign and leftalign all of it's message TD tags than things would look a lot better - even with Learner's code tags.

Or, if that's not the problem, then instead of embedding tables within another, then just use one large table so that all the elements would line up.


Domain Registration, Hosting, Management
http://www.dollardns.net
Top
#7795 - 05/31/02 07:07 PM Re: Security of Yahoo PM ?
Joined: Mar 2002
Posts: 533
Curse Offline
Enforcement Admin
Curse Offline
Enforcement Admin

Joined: Mar 2002
Posts: 533
San Andreas
Okay... Which one of you little brats screwed up the formatting of the UBB table? *takes off belt abd folds it in half*

Top

Member Spotlight
Gremelin

Gremelin
Portland, OR; USA
Posts: 7,195
Joined: February 2002
Show All Member Profiles 
Forum Statistics
Forums46
Topics46,215
Posts81,385
Members2,157
Most Online1,567
Apr 25th, 2010
Top Posters(All Time)
UGN Security 39,379
Gremelin 7,195
§intå× 3,255
SilentRage 1,273
Ice 1,146
pergesu 1,136
Infinite 1,041
jonconley 955
Girlie 908
unreal 860
Newest Members
Herbert_Sherbert, codemauve, Lillysdragon1984, Brewwit, boa
2157 Registered Users
Who's Online Now
0 registered members (), 3 guests and 2 spiders.
Latest News