xisto Community
tansqrx

The Yahoo! Messenger Zero-day For The Month Of August


Yahoo! Messenger is once again in the news for all the wrong reasons. This time it is a heap overflow in the webcam component. The news was apparently first exposed by McAfee in a blog post at http://www.mcafee.com/us/threat-center.aspx. A second post at http://www.mcafee.com/us/threat-center.aspx goes into more detail explaining that you shouldn't accept unknown webcam invites and to possibly firewall port 5100. Security Focus has also issued an alert at http://www.securityfocus.com/bid/25330/info but they only classify it as a remote denial of service attack, far from the remote code execution heralded by McAfee. Security Focus reports that exploit code can be found at http://forums.xisto.com/no_longer_exists/.

 

When I hear that a new exploit may be on the market for Messenger, the first thing I do is head over to Google News and see what the top Messenger stories are. For some reason I think this particular exploit may be getting the attention of a more generalized audience. Compared to the June 2007 exploit, the news reports appear to be more numerous and written in a more ominous tone. The thing that really caught my attention was the fact that more mainstream media outlets are picking up on this story, such as ABC (http://abcnews.go.com/Technology/PCWorld/story?id=3482490). Although this particular Yahoo! Messenger attack may not be any worse than the June exploit, Yahoo! may have a bigger public relations mess on their hands.


Security Fix 8.1.0.416

On the 16th of August I reported the latest Yahoo! Messenger exploit that was leaked. At the time not much information was given about the exploit but since then I have a little bit more. The exploit was apparently due to a buffer overflow in the JPEG2000 (https://en.wikipedia.org/wiki/JPEG_2000) CODEC. Yahoo! has now announced that the exploit has been patched in its latest release, 8.1.0.416. The patch should be automatically pushed out to users.
