Hello

- Remote denial of service in Yahoo! Messenger -
Oxygen3 24h-365d, by Panda Software (http://www.pandasoftware.com)

Madrid, May 19, 2005 - A vulnerability has been reported in Yahoo! Messenger that could lead to a denial of service, with remote attackers being able to disconnect users from Chat sessions. The advisory is available at http://www.securiteam.com/windowsntf...HP0H20FPE.html.

The problem lies in the way that Yahoo! Messenger processes arguments in YMSGR: URL handler links. An attacker modifying the links with certain characters after the colon could create malformed packets to send to Yahoo! YMSG servers. When these packets are sent, Yahoo! will immediately disconnect users from the chat session.

The problem affects Yahoo! Messenger versions 5.0 and 6.0, and all details have been published along with proofs of concept containing malicious URLs that could disconnect a user.

The recommended workaround is to remove from the registry key "HKEY_CLASSES_ROOT\ymsgr\shell\open\command" the string "c:\progra~1\yahoo!\messenger\ypager.exe %1".

NOTE: The address above may not show up on your screen as a single line. This would prevent you from using the link to access the web page. If this happens, just use the 'cut' and 'paste' options to join the pieces of the URL.

Lagu
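
One way to apply the workaround from the advisory on a single machine, as an added example that is not part of the advisory or the original post. It reads the workaround as clearing the handler string while leaving the key in place. The `-Remove` switch and the backup file name are hypothetical, and the change needs an elevated prompt.

```powershell
# Added example: audit, back up and clear the ymsgr: URL handler command.
# -Remove is a hypothetical switch; without it the script only reports.
param([switch]$Remove)

# Key named in the advisory (HKCR is addressed through the Registry:: provider path).
$key = 'Registry::HKEY_CLASSES_ROOT\ymsgr\shell\open\command'

if (-not (Test-Path -LiteralPath $key)) {
    Write-Output 'ymsgr: handler is not registered; nothing to do.'
    return
}

# The handler command line lives in the key's default (unnamed) value.
$command = (Get-Item -LiteralPath $key).GetValue('')
if ([string]::IsNullOrEmpty($command)) {
    Write-Output 'ymsgr: handler key exists but its command is already empty.'
    return
}
Write-Output "ymsgr: handler is active: $command"

if (-not $Remove) {
    Write-Output 'Report only. Re-run with -Remove to clear the handler.'
    return
}

# Export the whole ymsgr class first so the handler can be restored later
# with "reg import". The file name is a constructed placeholder.
$backup = Join-Path $env:TEMP 'ymsgr-handler-backup.reg'
& reg.exe export 'HKCR\ymsgr' $backup /y | Out-Null
if ($LASTEXITCODE -ne 0) {
    throw "Backup to $backup failed; handler left unchanged."
}

# Clear the command string so ymsgr: links no longer launch ypager.exe.
Set-ItemProperty -LiteralPath $key -Name '(default)' -Value ''

# Verify the change took effect before reporting success.
$after = (Get-Item -LiteralPath $key).GetValue('')
if ([string]::IsNullOrEmpty($after)) {
    Write-Output "ymsgr: handler cleared. Backup saved to $backup"
} else {
    throw "Handler still set to: $after"
}
```

HKEY_CLASSES_ROOT is a merged view of per-user and per-machine classes, so a per-user registration of the same handler would need the same check in each user profile.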