lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <88001FC5C453764CA6597FB2987424942531D6@SVEX03.dutchtone.nl>
From: allan.vanleeuwen at orangemail.nl (allan.vanleeuwen@...ngemail.nl)
Subject: [inbox] RE: RE: Yahoo Instant Messenger YAU
	TO.DLL buffer overflow

I've actually tried that BOMB thing at the airport ....
Just before getting into the plane I was asked if the device on my belt was
my walkman ...
I was tupid enough to want to make a joke and said 'Nope, it's my BOMB'. I
got a VERY angry look and got asked if I thought that was supposed to be
funny. I appologised and quickly got onto my plane :-)

Definition of Free Speech in the USA : You can say everything you like as
long as it's not about the president.

-----Original Message-----
From: Exibar [mailto:exibar@...lair.com] 
Sent: vrijdag 5 december 2003 5:48
To: full-disclosure@...ts.netsys.com
Subject: RE: [inbox] RE: [Full-Disclosure] RE: Yahoo Instant Messenger
YAUTO.DLL buffer overflow


all it would take is one person on the list to anonymously send that message
to the SS.  Easy enough email address to send to as well,
secretservice@...tehouse.gov or president@...tehouse.gov can even report via
the web  http://www.firstgov.gov/feedback/FeedbackForm.jsp    or
nipc.watch@....gov

  that posted message along with the full headers should be sufficiant to
get you federal jail time.  It's happened before with a simple conversation
that was overheard in a bar or restaurant.  the guy was hauled off to jail
and hassled for quite a while because he said something similar to what you
said.  although he said it about another president, Carter I think it was...
not sure though.

  Even though I agree that free speech could come into play, some things you
just don't say out loud.  Like saying the word BOMB in an airport.... try it
sometime if you really want to miss your flight :-)

 Exibar

-----Original Message-----
From: full-disclosure-admin@...ts.netsys.com
[mailto:full-disclosure-admin@...ts.netsys.com]On Behalf Of Kristian
Hermansen
Sent: Thursday, December 04, 2003 4:36 PM
To: full-disclosure@...ts.netsys.com
Subject: [inbox] RE: [Full-Disclosure] RE: Yahoo Instant Messenger
YAUTO.DLL buffer overflow


Well, I also have the right to free speech; although murder is not a
right...the website is not to be taken literally.  Obviously if I wanted
Bush literally killed, I would not have a website as such exposing my
name/address.  The person who posted my address to a public mailing list is,
however, definitely in violation of my rights and this list's policies.
Although, information should be free and I never support such restrictions
to information in the public domain.

The CIA/FBI are not going to come to my house I assure you.  They have
better things to worry about.  The fact is that the Bush Administration are
TERRORISTS!!!  If you don't know this by now, you surely are uninformed.
Anyways, "kill" is a UNIX command, but you don't see any processes getting
angry and formatting my computer...


Kristian Hermansen
khermansen@...technology.com
-----Original Message-----
From: full-disclosure-admin@...ts.netsys.com
[mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of Exibar
Sent: Thursday, December 04, 2003 2:35 PM
To: Kristian Hermansen; full-disclosure@...ts.netsys.com
Subject: Re: [Full-Disclosure] RE: Yahoo Instant Messenger YAUTO.DLL buffer
overflow

Just sit right there at home, the Secret Service will be by to have a
conversation with you I'm sure.


----- Original Message -----
From: "Kristian Hermansen" <khermansen@...technology.com>
To: <full-disclosure@...ts.netsys.com>
Sent: Thursday, December 04, 2003 1:37 PM
Subject: RE: [Full-Disclosure] RE: Yahoo Instant Messenger YAUTO.DLL buffer
overflow


> KillGeorgeBush.com is getting ready to go prime-time, but...oh yeah...I
have
> finals!!!  If anyone has any good content for my KillGeorgeBush.com
website,
> please send me emails/link (audio, video, documents, etc.)  Remember:
George
> Bush deserves to die for his lies and lootin'!!!  I am now accepting
> donations through Paypal, of which the money will go straight to terrorist
> organizations who have interests vested in removing the Bush
administration
> from political power...
>
>
> Kristian Hermansen
> khermansen@...technology.com
>
> -----Original Message-----
> From: List Account [mailto:list.account@...dant.com]
> Sent: Thursday, December 04, 2003 12:58 PM
> To: 'Kristian Hermansen'
> Subject: RE: [Full-Disclosure] RE: Yahoo Instant Messenger YAUTO.DLL
buffer
> overflow
>
> Nice site! Where's the content? (Killgeorgebush.com)
>
>
> -----Original Message-----
> From: full-disclosure-admin@...ts.netsys.com
> [mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of
> Kristian Hermansen
> Sent: Thursday, December 04, 2003 10:56 AM
> To: full-disclosure@...ts.netsys.com
> Subject: RE: [Full-Disclosure] RE: Yahoo Instant Messenger
> YAUTO.DLL buffer overflow
>
>
> Dude, thanks for the calc tips!!!  LATE makes perfect sense ;-)
>
>
> Kristian Hermansen
> khermansen@...technology.com
>
> -----Original Message-----
> From: List Account [mailto:list.account@...dant.com]
> Sent: Thursday, December 04, 2003 10:41 AM
> To: 'Kristian Hermansen'
> Subject: RE: [Full-Disclosure] RE: Yahoo Instant Messenger
> YAUTO.DLL buffer overflow
>
> Funny you should be talking about Calculus, I'm finishing 152 now
> (finals next week). Integration by parts not that bad. Here's a
> tip; LATE Logs Algebraic Trig Exponentials What this is for is to
> find u, so that du will be something simpler. So to use LATE to
> find u, try them in order, i.e. is there a ln? No, then is there
> an algebraic function you can integrate?, etc.
>
> HTH,
> Nathan
>
> -----Original Message-----
> From: full-disclosure-admin@...ts.netsys.com
> [mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of
> Kristian Hermansen
> Sent: Thursday, December 04, 2003 9:19 AM
> To: full-disclosure@...ts.netsys.com
> Subject: RE: [Full-Disclosure] RE: Yahoo Instant Messenger
> YAUTO.DLL buffer overflow
>
>
> OMFG Tri, hahahahaha!!!  Remember when you couldn't figure out
> who hijacked yer mail/Paypal accounts?  Looks like we know who
> did it now.  Did he take any money from yer Paypal account?  I do
> agree with one thing that he said..."Stop leaking and killing my
> bug kid. Go to school to learn more." Dude you missed calculus
> class again and don't forget we are doing integration by
> parts/series this week/next week.  Maybe you aren't as slick as I
> thought you were.  Stealing bugs from other people?  Dude, I had
> a lot of respect for you...but now...I'm just not so sure about
> your "integrity". Are you really finding these bugs with
> OllyDebug/IDAPro, or are you monitoring security researchers
> email accounts to get your info?  Dude, I only ask because I
> believe everyone here has the right to know...
>
>
> Kristian Hermansen
> khermansen@...technology.com
>
> -----Original Message-----
> From: full-disclosure-admin@...ts.netsys.com
> [mailto:full-disclosure-admin@...ts.netsys.com] On Behalf Of De
> Blanc
> Sent: Thursday, December 04, 2003 2:17 AM
> To: full-disclosure@...ts.netsys.com
> Cc: bugtraq@...urityfocus.com
> Subject: Re: [Full-Disclosure] RE: Yahoo Instant Messenger
> YAUTO.DLL buffer overflow
>
> Yeah! Yahoo is sux. Yahoo Messenger has tons of bugs.
> But you are more sux than yahoo since you stole my
> work and posted my found bug to yahoo and bugtraq.
> Funny enough when your little company SentryUnion is
> trying to sell "Indetify Theft" protection service but
> you got owned, stole mail and money from your paypal
> account, logged everything your chatted with gf via
> one another yahoo messenger 0day.
>
> Stop leaking and killing my bug kid. Go to school to
> learn more.
>
> The Blanc
>
> <trihuynh@...up.com> wrote:
> >Hi all,
> >This bug is a lame bug, very lame actually. I release
> it in order to
> >show that how a big company don't even do a basic QA.
> If we look through
> >the security records of YIM, almost any YIM's
> ActiveX/Com
> >components do have some kind of buffer overflow and
> it is very easy
> >to spot them too (by fuzzing the IDispatch
> interface). I have no idea
> >how can QA guys in the YIM project can manage to let
> these
> >dangerous bugs survival through the testing state.
> Maybe they
> >are so busy watching the new "Joe Millionaire" show
> :-))))
> >Trihuynh
> >Sentryunion
> >-----Original Message-----
> >From: full-disclosure-admin@...ts.netsys.com
> >[mailto:full-disclosure-admin@...ts.netsys.com] On
> Behalf Of Tri Huynh
> >Sent: Wednesday, December 03, 2003 10:07
> >To: full-disclosure@...ts.netsys.com;
> bugtraq@...urityfocus.com
> >Cc: bugs@...uritytracker.com; news@...uriteam.com;
> vuln@...unia.com
> >Subject: [Full-Disclosure] Yahoo Instant Messenger
> YAUTO.DLL buffer overflow
> >
> >Yahoo Instant Messenger YAUTO.DLL buffer overflow
> >=================================================
> >PROGRAM: Yahoo Instant Messenger (YIM)
> >HOMEPAGE: http://messenger.yahoo.com
> >VULNERABLE VERSIONS: 5.6.0.1347 and below
> >
> >DESCRIPTION
> >=================================================
> >YIM is one of the most popular instant messenger.
> This is a cool product,
> >that allows me to chat with my gf from a very long
> distant :-).
> >
> >DETAILS
> >=================================================
> >YAUTO.DLL is an ActiveX/COM component that comes with
> Yahoo Install
> >Messenger. YAUTO.DLL is registered under a ProgID
> called "YAuto.NSAuto.1".
> >In this component, there is a function named
> Open(String Url) that will
> >cause a buffer overflow if argument Url is passed
> with a long string. Since
> >this is an ActiveX component, the vulnerability can
> be exploited just by
> >making a website with the correct CLSID of the
> ActiveX and call the function
> >directly. We have successfully exploited the
> vulnerability by making a
> >website that can download a trojan and execute it
> silently.
> >
> >WORKAROUND
> >=================================================
> >Yahoo has been contacted at
> enterprisesales@...oo-inc.com (this is the only
> >email that I can find on the Yahoo Messenger Site)
> but doesn't response
> >after 1 month. The workaround solution is deleting
> the YAUTO.DLL file in
> >your YIM directory.
> >
> >CREDITS
> >=================================================
> >Discovered by Tri Huynh from SentryUnion
> >
> >DISLAIMER
> >=================================================
> >The information within this paper may change without
> notice. Use of this
> >information constitutes acceptance for use in an AS
> IS condition. There are
> >NO warranties with regard to this information. In no
> event shall the author
> >be liable for any damages whatsoever arising out of
> or in connection with
> >the use or spread of this information. Any use of
> this information is at the
> >user's own risk.
> >
> >FEEDBACK
> >=================================================
> >Please send suggestions, updates, and comments to:
> trihuynh@...up.com
> >_______________________________________________
> >Full-Disclosure - We believe in it.
> >Charter:
> http://lists.netsys.com/full-disclosure-charter.html
> >
> >
> >----------------------------------------------------------------
> ----
> >mail2web - Check your email from the web at http://mail2web.com/
> .
> >
> >_______________________________________________
> >Full-Disclosure - We believe in it.
> >Charter: http://lists.netsys.com/full-disclosure-charter.html
>
> __________________________________
> Do you Yahoo!?
> Free Pop-Up Blocker - Get it now
> http://companion.yahoo.com/
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>
>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
===========================================================
De informatie opgenomen in dit bericht kan vertrouwelijk zijn en is alleen
bestemd voor de geadresseerde. Indien u dit bericht onterecht ontvangt,
wordt u verzocht de inhoud niet te gebruiken en de afzender direct te
informeren door het bericht te retourneren. Hoewel Orange maatregelen heeft
genomen om virussen in deze email of attachments te voorkomen, dient u ook
zelf na te gaan of virussen aanwezig zijn aangezien Orange niet
aansprakelijk is voor computervirussen die veroorzaakt zijn door deze
email..

The information contained in this message may be confidential and is
intended to be only for the addressee. Should you receive this message
unintentionally, please do not use the contents herein and notify the sender
immediately by return e-mail. Although Orange has taken steps to ensure that
this email and attachments are free from any virus, you do need to verify
the possibility of their existence as Orange can take no responsibility for
any computer virus which might be transferred by way of this email.
===========================================================



Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ