Welcome to MalwareRemoval.com,
What if we told you that you could get malware removal help from experts, and that it was 100% free? MalwareRemoval.com provides free support for people with infected computers. Our help, and the tools we use are always 100% free. No hidden catch. We simply enjoy helping others. You enjoy a clean, safe computer.

Malware Removal Instructions

Do you Yahoo!? Might want to read this....

Notifications for Security Updates, as well as News and Information from across the web - mostly security minded.

Update Contributors: Members of the Malware Removal University.

Do you Yahoo!? Might want to read this....

Unread postby 'KotaGuy » May 13th, 2005, 9:44 pm

"Yahoo! Chat Add Buddy Without Consent Privacy Issue

Services affected: ALL of Yahoo! Chat
Description: A vulnerability exists in Yahoo!'s Chat servers that allows for chatters to be added to your friends list completely without their knowledge or permissionof the operation. As a result private status messages can be read and online Yahoo! Chat activity can be monitored stealthily."


Security Focus BUGTRAQ here.

And another....

"Yahoo! Messenger URL Handler Remote DoS Vulnerability

Application affected: Yahoo! Messenger ver. 5.x - 6.0 Windows (all builds), *Nix/Mac ? (not tested)
Description: A Denial-of-Service attack can be launched against Yahoo! Messenger which can be exploited both locally and remotely through IFRAMEs or by tricking the target into clicking on a YMSGR: URL handler link when in chat or in pm. A remote user can disconnect Yahoo! Messenger users via e-mail or by having the victim visit a web page."


Security Focus BUGTRAQ here.

:!:
User avatar
'KotaGuy
Admin/Teacher Emeritus
 
Posts: 12472
Joined: April 7th, 2005, 7:06 pm
Location: Alberta, Canada
Advertisement
Register to Remove

Unread postby 'KotaGuy » May 13th, 2005, 9:44 pm

Bump
User avatar
'KotaGuy
Admin/Teacher Emeritus
 
Posts: 12472
Joined: April 7th, 2005, 7:06 pm
Location: Alberta, Canada

Yahoo! Messenger may be storing all session data 'Unencoded'

Unread postby 'KotaGuy » May 18th, 2005, 1:06 pm

"Application affected: Yahoo! Messenger ver. 5.x - 6.0 (all builds) Windows, *Nix/Mac ? (not tested)

Description: By activating the "Logfile" feature in Yahoo! Messenger a person (perhaps unauthorized) is able to secretly log and view virtually all communications sent and received by Yahoo! Messenger from all IDs logged into Messenger on the local computer. Awareness of this logging is virtually none unless this feature is exclusively known about beforehand by the users and they know exactly where to look for the feature's presence (not likely). When using this feature you may be susceptible to privacy breaches and increased risk for potential remote DoS attacks to be launched successfully."


Security Focus BUGTRAQ.
User avatar
'KotaGuy
Admin/Teacher Emeritus
 
Posts: 12472
Joined: April 7th, 2005, 7:06 pm
Location: Alberta, Canada

Yahoo! Messenger may be storing all session data 'Unencoded'

Unread postby 'KotaGuy » May 19th, 2005, 1:33 am

"The newly-made available Yahoo! Messenger 7.0 beta build 224 also stores the same information in clear-text as 5.x - 6.0 versions do when the Logfile is enabled (tested on Windows only). Yahoo! Messenger 7.0 was just made available several hours ago in a beta form. Hopefully later builds won't have this 'feature' altogether."

Security Focus BUGTRAQ.
User avatar
'KotaGuy
Admin/Teacher Emeritus
 
Posts: 12472
Joined: April 7th, 2005, 7:06 pm
Location: Alberta, Canada

Yahoo! chat bug gives scope for mischief

Unread postby 'KotaGuy » May 20th, 2005, 3:46 pm

"Security researchers have discovered a denial of service vulnerability involving Yahoo!'s popular instant messaging client. Hackers can potentially disconnect users from chat sessions by sending malformed packets to Yahoo! Messenger servers."

Full story here.
User avatar
'KotaGuy
Admin/Teacher Emeritus
 
Posts: 12472
Joined: April 7th, 2005, 7:06 pm
Location: Alberta, Canada
Advertisement
Register to Remove


  • Similar Topics
    Replies
    Views
    Last post

Return to News Desk



Who is online

Users browsing this forum: No registered users and 13 guests

Contact us:

Advertisements do not imply our endorsement of that product or service. Register to remove all ads. The forum is run by volunteers who donate their time and expertise. We make every attempt to ensure that the help and advice posted is accurate and will not cause harm to your computer. However, we do not guarantee that they are accurate and they are to be used at your own risk. All trademarks are the property of their respective owners.

Member site: UNITE Against Malware