Yahoo! Instant Messenger Denial of Service
Thu, 04/30/2009 - 21:54 — victor
Name:
Yahoo! Messenger Overflow
Filename:
backdoorservices.db
SPID:
3147
Impact:
The identified Yahoo service running is subject to several buffer overflows. This can in some cases lead to command execution. An attacker can by this compromise your system.
Solution:
It is recommended to only allow access to trusted people when chatting with them. This can be done at firewall level. Make sure you are using the latest version from http://messenger.yahoo.com/ and there click on Get it now or Download. NOTE: In this check we only relied on the presences of the identified port. Some system are setup to act with many ghost ports open in order to trick attackers. So it is recommended that you verify the service running on the port and if you KNOW you and can verify that another service is run on the port that is not equal to what we detected please ignore this check.
Risk:
High
Privacy Statement | Link Policy | User Policy | SecPoint® Blog | SecPoint® Forum
SecPoint® Pictures | SecPoint® Event Pictures | SecPoint® Exploit Archive | SecPoint® Web Shop | SecPoint® Library
SecPoint® Video | SecPoint® Sitemap
© Copyright 1999-2008: SecPoint®
SecPoint ApS - Lergravsvej 53 - 2300 Copenhagen S - Phone +45 70 235 245
| Recent awards | Compatible with | Visit us on Facebook! | Visit us on LinkedIn! | Visit us on Myspace! | |||||
 |
 |
 |
 |
 |
 Group! |
 |
 follow us on Twitter!  |
||