[25580] in bugtraq
Re: Yahoo Messenger - Multiple Vulnerabilities
daemon@ATHENA.MIT.EDU (Ben Laurie)
Mon May 27 18:32:12 2002
Message-ID: <3CF28D74.2080009@algroup.co.uk>
Date: Mon, 27 May 2002 20:48:04 +0100
From: Ben Laurie <ben@algroup.co.uk>
MIME-Version: 1.0
To: Phuong Nguyen <dphuong@yahoo.com>
Cc: bugtraq@securityfocus.com
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Phuong Nguyen wrote:
> Given there are now somewhere between 13-65 million
> Yahoo! Messenger users worldwide (as described in the
> Summary above), the potential impact of this
> vulnerability poses a highly significant threat to
> users who do not soon upgrade their Yahoo! Messenger
> clients.
Or, if they're smart, simply disable the URL (use regedit to edit
HKEY_CLASSES_ROOT\ymsgr\shell\open\command to something that doesn't exist).
Cheers,
Ben.
--
http://www.apache-ssl.org/ben.html http://www.thebunker.net/
"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff
