Your browser does not seem to support CSS. If images appear below, please disregard them.
It appears that you're running an Ad-Blocker. This site is monetized by Advertising and by User Donations; we ask that if you find this site helpful that you whitelist us in your Ad-Blocker, or make a Donation to help aid in operating costs.
Previous Thread
Next Thread
Print Thread
Rate This Thread
#7787 - 05/20/02 07:37 PM Security of Yahoo PM ?  
Joined: May 2002
Posts: 1
Tom Offline
Junior Member
Tom  Offline
Junior Member

Joined: May 2002
Posts: 1
So Calif
I was wondering if Yahoo PM or private chat rooms are subject to cracking?

Sponsored Links
#7788 - 05/20/02 09:31 PM Re: Security of Yahoo PM ?  
Joined: Feb 2002
Posts: 7,195
Gremelin Offline
Community Owner
Gremelin  Offline

Community Owner

Joined: Feb 2002
Posts: 7,195
Likes: 3
Portland, OR; USA
There is always a possibility of cracking/hacking to anything anywhere, I believe that Yahoo did have a problem some time ago with cracking, but I'm not sure if they fixed their breach.


Donate to UGN Security here.
UGN Security, Back of the Web, and VNC Web Services Owner
#7789 - 05/20/02 11:16 PM Re: Security of Yahoo PM ?  
Joined: Mar 2002
Posts: 562
Le4rner Offline
UGN Supporter
Le4rner  Offline
UGN Supporter

Joined: Mar 2002
Posts: 562
I said it before, and I'll say it again. NOTHIN is secure in networking. If you can unlock it for privilaged users, then you can crack it. It is that simple. Security is a matter of path of least resitance and obsurity.

If you are more secure than jimmy over there, most will go for jimmy. If his weaknesses are published and yours aren't. He is most likely to get hacked. However, you can stil be hacked. Every program every computer can be hacked. This may stop with the introduction of the q-bit. But probably not. [Angel]

#7790 - 05/30/02 08:04 PM Re: Security of Yahoo PM ?  
Joined: Mar 2002
Posts: 11
blackh0le Offline
Junior Member
blackh0le  Offline
Junior Member

Joined: Mar 2002
Posts: 11
sorry about the messed up page. here's the link instead:

http://viceconsulting.com/cons/servs/infosec/yimvul001/alert00.html

#7791 - 05/30/02 08:06 PM Re: Security of Yahoo PM ?  
Joined: Mar 2002
Posts: 11
blackh0le Offline
Junior Member
blackh0le  Offline
Junior Member

Joined: Mar 2002
Posts: 11
sorry i had to post it like that. it had some "<" and the bbs wouldnt allow that.

heres another one.

Quote:

Yahoo! Messenger! multiple! vulns!

By Thomas C Greene in Washington
Posted: 28/05/2002 at 09:08 GMT

There are two new Yahoo Instant Messenger (YIM) vulnerabilities which can potentially compromise a user's machine, Vietnamese researcher Phuong Nguyen has discovered. Yahoo! has been notified and a fixed version is available for download here.

First up, an unchecked buffer which enables any URL beginning with 'ymsgr:' to call ypager.exe, crash it and run malicious code if the messenger is integrated with the browser. All that's needed is 268 bytes to overflow the buffer, and exploit code can be loaded with the user's level of privilege. The 'call', 'sendim', 'getimv', 'chat', 'addview' and 'addfriend' function calls can be exploited, Nguyen says.

Next up a problem with the 'addview' feature which enables the messenger to view Web content on its own. This is vulnerable to freaky URLs and malicious JavaScript and VB script. Yahoo! content can be duplicated and malicious scripts embedded in the HTML to give an attacker numerous means to exploit a target. See Nguyen's original advisory for links to a couple of simple demonstrations (which I've not verified). Yahoo! has removed this particular 'feature' in the fixed version pending further engineering magic to make it safe, Nguyen says.
links:

http://download.yahoo.com/dl/installs/ymsgr/ymsgr_1065.exe
http://viceconsulting.com/cons/servs/infosec/yimvul001/alert00.html

Sponsored Links
#7792 - 05/30/02 08:08 PM Re: Security of Yahoo PM ?  
Joined: Mar 2002
Posts: 11
blackh0le Offline
Junior Member
blackh0le  Offline
Junior Member

Joined: Mar 2002
Posts: 11
what the hell just happen to the page?

#7793 - 05/31/02 03:42 AM Re: Security of Yahoo PM ?  
Joined: Feb 2002
Posts: 7,195
Gremelin Offline
Community Owner
Gremelin  Offline

Community Owner

Joined: Feb 2002
Posts: 7,195
Likes: 3
Portland, OR; USA
his [code] tags


Donate to UGN Security here.
UGN Security, Back of the Web, and VNC Web Services Owner
#7794 - 05/31/02 11:45 AM Re: Security of Yahoo PM ?  
Joined: Mar 2002
Posts: 1,273
SilentRage Offline
DollarDNS Owner
SilentRage  Offline
DollarDNS Owner

Joined: Mar 2002
Posts: 1,273
OH, USA
ya, if UBB would just topalign and leftalign all of it's message TD tags than things would look a lot better - even with Learner's code tags.

Or, if that's not the problem, then instead of embedding tables within another, then just use one large table so that all the elements would line up.


Domain Registration, Hosting, Management
http://www.dollardns.net
#7795 - 05/31/02 07:07 PM Re: Security of Yahoo PM ?  
Joined: Mar 2002
Posts: 533
Curse Offline
Enforcement Admin
Curse  Offline
Enforcement Admin

Joined: Mar 2002
Posts: 533
San Andreas
Okay... Which one of you little brats screwed up the formatting of the UBB table? *takes off belt abd folds it in half*


Member Spotlight
Crime
Crime
SC, usa
Posts: 506
Joined: March 2002
Show All Member Profiles 
Forum Statistics
Forums45
Topics46,827
Posts81,997
Average Daily Posts10
Members2,159
Most Online1,567
Apr 25th, 2010
Latest Postings
Top Posters(All Time)
UGN Security 39,991
Gremelin 7,195
§intå× 3,255
SilentRage 1,273
Ice 1,146
pergesu 1,136
Infinite 1,041
jonconley 955
Girlie 908
unreal 860
Top Liked Users (All Time)
§intå× Likes: 1
Cold Sunn Likes: 1
Crime Likes: 1
Cyrez Likes: 1
Ghost Likes: 1
Gremelin Likes: 4
Ice Likes: 1
unreal Likes: 1
Top Liked Users (30 Days)
No Data Found
Powered by UBB.threads™ PHP Forum Software 7.6.0
(Snapshot build 20160902)