Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » Vulnerability in Yahoo messenger

Vulnerability in Yahoo messenger

by Nikola Strahija on February 23rd, 2002 All versions of Yahoo messenger version 5. Listens on port 5101 on client machine. (obviously to offload server traffic for IMs) problems: (for all of the problems listed below, the traffic is sent to the yahoo messenger opened port, 5101)


1. One can crash yahoo messenger by overflowing the message field in the
yahoo protocol.
2. One can crash yahoo messenger by overflowing the IMvironment field in
the yahoo protocol.
3. One can send a message as a spoofed name.
4. One can send many many messages from different names, flooding the
person.
5. One can add a person to their buddy list (without their consent even),
then message them a few times and that persons IP address will be sent in a
message over yahoo's server.


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »