[24376] in bugtraq
Remote crashes in Yahoo messenger
daemon@ATHENA.MIT.EDU (Scott Woodward)
Fri Feb 22 14:01:03 2002
Message-ID: <001601c1baf9$c06804b0$0500000a@billuh>
From: "Scott Woodward" <scott@phoenixtechie.com>
To: <bugtraq@securityfocus.com>
Date: Thu, 21 Feb 2002 10:03:57 -0700
MIME-Version: 1.0
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
All versions of Yahoo messenger version 5. Listens on port 5101 on client
machine. (obviously to
offload server traffic for IMs)
problems:
(for all of the problems listed below, the traffic is sent to the yahoo
messenger opened port, 5101)
1. One can crash yahoo messenger by overflowing the message field in the
yahoo protocol.
2. One can crash yahoo messenger by overflowing the IMvironment field in
the yahoo protocol.
3. One can send a message as a spoofed name.
4. One can send many many messages from different names, flooding the
person.
5. One can add a person to their buddy list (without their consent even),
then message them a few times and that persons IP address will be sent in a
message over yahoo's server.
I would imagine there are many many more security problems to be found.
