Bugtraq mailing list archives
Yahoo! Instant Messenger
From: "Shaun O'Callaghan" <the_duke247 () YAHOO COM>
Date: Sun, 14 Jan 2001 15:42:41 -0000
When being warned by my firewall that some packet contents may contain sensitive data when connecting to Yahoo! servers with the popular Yahoo! Instant Messenger, I found to my amazement that my username and password combination were being sent to the server in plain text. This is performed to the many Yahoo! servers by a plain GET request on the standard ports that YIM uses. As far as I am aware, this is affecting all clients on all operating systems. YIM passwords are also used for mail, calendars, bill paying, auction bidding (which hold CC numbers) as well as other information including addresses on various users. I feel this is a very dangerous exploit and comes not long after I discovered the remote character buffer overflow vulnerability in a previous version. Hope it was of some help.

The_Duke247
Security Editor - BlackBox
http://black.box.sk
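A firewall-style check of the kind described in the post, as an added example that is not part of the original message: it scans a raw TCP payload for HTTP request lines whose query string carries a password, and reports them with the secret redacted. The parameter names, host and path are assumptions, since the post does not give the actual request format.

```python
import re
from urllib.parse import urlsplit, parse_qsl, urlencode

# Assumed names: the post does not say which parameters the client used.
PASSWORD_KEYS = {"password", "passwd", "pass", "pw", "pwd"}

# An HTTP/1.x request line anywhere in a raw TCP payload.
REQUEST_LINE = re.compile(rb"^(GET|HEAD|POST) (\S+) HTTP/1\.[01]\r?$", re.M)

def scan_payload(payload: bytes):
    """Return one finding per request whose query string carries a password.

    Each finding holds the method, path, offending parameter names and a
    redacted copy of the target, so the alert itself never stores the secret.
    """
    findings = []
    for match in REQUEST_LINE.finditer(payload):
        target = match.group(2).decode("latin-1")
        parts = urlsplit(target)
        pairs = parse_qsl(parts.query, keep_blank_values=True)
        hits = [k for k, v in pairs if k.lower() in PASSWORD_KEYS and v]
        if not hits:
            continue
        safe = [(k, "REDACTED" if k.lower() in PASSWORD_KEYS else v)
                for k, v in pairs]
        findings.append({
            "method": match.group(1).decode(),
            "path": parts.path,
            "params": hits,
            "redacted": parts.path + "?" + urlencode(safe),
        })
    return findings

# Constructed sample payloads (not captured traffic; host and path are made up).
CLEARTEXT = (b"GET /login?user=alice&passwd=s3cret HTTP/1.0\r\n"
             b"Host: msg.example.test\r\n\r\n")
HARMLESS = b"GET /status?lang=en HTTP/1.0\r\nHost: msg.example.test\r\n\r\n"

if __name__ == "__main__":
    for name, data in (("cleartext", CLEARTEXT), ("harmless", HARMLESS)):
        print(name, scan_payload(data))
```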