Yahoo! Pager/Messenger Long URL Overflow

2000-01-17T00:00:00
ID OSVDB:6865
Type osvdb
Reporter Jaynus(jaynus@goatrance.com)
Modified 2000-01-17T00:00:00

Description

Vulnerability Description

Yahoo! Messenger contains a flaw that may allow a remote denial of service. The issue is triggered when a text message is sent containing an overly long URL occurs, and will result in loss of availability for the service.

Solution Description

Upgrade to version 6.0 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

Yahoo! Messenger contains a flaw that may allow a remote denial of service. The issue is triggered when a text message is sent containing an overly long URL occurs, and will result in loss of availability for the service.

Manual Testing Notes

Tested URL on version 6.0.0.1750 and it has been fixed as of 1/14/05. - m00dimus

References:

Vendor URL: http://messenger.yahoo.com Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2000-01/0207.html ISS X-Force ID: 3869 CVE-2000-0047