lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <016201c3ba8e$e5ca2b20$800101df@ngxp>
From: list.account at cerdant.com (List Account)
Subject: RE: Yahoo Instant Messenger YAUTO.DLL buffer overflow

Obviously you are Dave...

-----Original Message-----
From: full-disclosure-admin@...ts.netsys.com
[mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of dave
kleiman
Sent: Thursday, December 04, 2003 11:53 AM
To: 'Kristian Hermansen'; full-disclosure@...ts.netsys.com
Subject: RE: [Full-Disclosure] RE: Yahoo Instant Messenger
YAUTO.DLL buffer overflow


Is there actually anyone on the list who is over the age of 20?


 
_______________________________
Dave Kleiman, CISSP, MCSE, CIFI
dave@...cureu.com
www.SecurityBreachResponse.com

"High achievement always takes place in the framework of high
expectation." Jack Kinder

 



-----Original Message-----
From: full-disclosure-admin@...ts.netsys.com
[mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of
Kristian Hermansen
Sent: Thursday, December 04, 2003 10:56
To: full-disclosure@...ts.netsys.com
Subject: RE: [Full-Disclosure] RE: Yahoo Instant Messenger
YAUTO.DLL buffer overflow


Dude, thanks for the calc tips!!!  LATE makes perfect sense ;-)


Kristian Hermansen
khermansen@...technology.com

-----Original Message-----
From: List Account [mailto:list.account@...dant.com] 
Sent: Thursday, December 04, 2003 10:41 AM
To: 'Kristian Hermansen'
Subject: RE: [Full-Disclosure] RE: Yahoo Instant Messenger
YAUTO.DLL buffer overflow

Funny you should be talking about Calculus, I'm finishing 152 now
(finals next week). Integration by parts not that bad. Here's a
tip; LATE Logs Algebraic Trig Exponentials What this is for is to
find u, so that du will be something simpler. So to use LATE to
find u, try them in order, i.e. is there a ln? No, then is there
an algebraic function you can integrate?, etc.

HTH,
Nathan

-----Original Message-----
From: full-disclosure-admin@...ts.netsys.com
[mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of
Kristian Hermansen
Sent: Thursday, December 04, 2003 9:19 AM
To: full-disclosure@...ts.netsys.com
Subject: RE: [Full-Disclosure] RE: Yahoo Instant Messenger
YAUTO.DLL buffer overflow


OMFG Tri, hahahahaha!!!  Remember when you couldn't figure out
who hijacked yer mail/Paypal accounts?  Looks like we know who
did it now.  Did he take any money from yer Paypal account?  I do
agree with one thing that he said..."Stop leaking and killing my
bug kid. Go to school to learn more." Dude you missed calculus
class again and don't forget we are doing integration by
parts/series this week/next week.  Maybe you aren't as slick as I
thought you were.  Stealing bugs from other people?  Dude, I had
a lot of respect for you...but now...I'm just not so sure about
your "integrity". Are you really finding these bugs with
OllyDebug/IDAPro, or are you monitoring security researchers
email accounts to get your info?  Dude, I only ask because I
believe everyone here has the right to know...


Kristian Hermansen
khermansen@...technology.com

-----Original Message-----
From: full-disclosure-admin@...ts.netsys.com
[mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of De
Blanc
Sent: Thursday, December 04, 2003 2:17 AM
To: full-disclosure@...ts.netsys.com
Cc: bugtraq@...urityfocus.com
Subject: Re: [Full-Disclosure] RE: Yahoo Instant Messenger
YAUTO.DLL buffer overflow

Yeah! Yahoo is sux. Yahoo Messenger has tons of bugs.
But you are more sux than yahoo since you stole my
work and posted my found bug to yahoo and bugtraq.
Funny enough when your little company SentryUnion is
trying to sell "Indetify Theft" protection service but
you got owned, stole mail and money from your paypal
account, logged everything your chatted with gf via
one another yahoo messenger 0day. 

Stop leaking and killing my bug kid. Go to school to
learn more.

The Blanc

<trihuynh@...up.com> wrote:
>Hi all,
>This bug is a lame bug, very lame actually. I release
it in order to
>show that how a big company don't even do a basic QA.
If we look through
>the security records of YIM, almost any YIM's
ActiveX/Com
>components do have some kind of buffer overflow and
it is very easy
>to spot them too (by fuzzing the IDispatch
interface). I have no idea
>how can QA guys in the YIM project can manage to let
these
>dangerous bugs survival through the testing state.
Maybe they
>are so busy watching the new "Joe Millionaire" show
:-))))
>Trihuynh
>Sentryunion
>-----Original Message-----
>From: full-disclosure-admin@...ts.netsys.com
>[mailto:full-disclosure-admin@...ts.netsys.com] On
Behalf Of Tri Huynh
>Sent: Wednesday, December 03, 2003 10:07
>To: full-disclosure@...ts.netsys.com;
bugtraq@...urityfocus.com
>Cc: bugs@...uritytracker.com; news@...uriteam.com;
vuln@...unia.com
>Subject: [Full-Disclosure] Yahoo Instant Messenger
YAUTO.DLL buffer overflow
>
>Yahoo Instant Messenger YAUTO.DLL buffer overflow 
>=================================================
>PROGRAM: Yahoo Instant Messenger (YIM)
>HOMEPAGE: http://messenger.yahoo.com
>VULNERABLE VERSIONS: 5.6.0.1347 and below
>
>DESCRIPTION
>=================================================
>YIM is one of the most popular instant messenger.
This is a cool product,
>that allows me to chat with my gf from a very long
distant :-).
>
>DETAILS
>=================================================
>YAUTO.DLL is an ActiveX/COM component that comes with
Yahoo Install
>Messenger. YAUTO.DLL is registered under a ProgID
called "YAuto.NSAuto.1".
>In this component, there is a function named
Open(String Url) that will
>cause a buffer overflow if argument Url is passed
with a long string. Since
>this is an ActiveX component, the vulnerability can
be exploited just by
>making a website with the correct CLSID of the
ActiveX and call the function
>directly. We have successfully exploited the
vulnerability by making a
>website that can download a trojan and execute it
silently.
>
>WORKAROUND
>=================================================
>Yahoo has been contacted at
enterprisesales@...oo-inc.com (this is the only
>email that I can find on the Yahoo Messenger Site)
but doesn't response
>after 1 month. The workaround solution is deleting
the YAUTO.DLL file in
>your YIM directory.
>
>CREDITS
>=================================================
>Discovered by Tri Huynh from SentryUnion
>
>DISLAIMER
>=================================================
>The information within this paper may change without
notice. Use of this
>information constitutes acceptance for use in an AS
IS condition. There are
>NO warranties with regard to this information. In no
event shall the author
>be liable for any damages whatsoever arising out of
or in connection with
>the use or spread of this information. Any use of
this information is at the
>user's own risk.
>
>FEEDBACK
>=================================================
>Please send suggestions, updates, and comments to:
trihuynh@...up.com
>_______________________________________________
>Full-Disclosure - We believe in it.
>Charter:
http://lists.netsys.com/full-disclosure-charter.html
>
>
>----------------------------------------------------------------
----
>mail2web - Check your email from the web at http://mail2web.com/
.
>
>_______________________________________________
>Full-Disclosure - We believe in it.
>Charter: http://lists.netsys.com/full-disclosure-charter.html

__________________________________
Do you Yahoo!?
Free Pop-Up Blocker - Get it now
http://companion.yahoo.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ