Just sit right there at home, the Secret Service will be by to have a conversation with you I'm sure.
----- Original Message ----- From: "Kristian Hermansen" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, December 04, 2003 1:37 PM Subject: RE: [Full-Disclosure] RE: Yahoo Instant Messenger YAUTO.DLL buffer overflow > KillGeorgeBush.com is getting ready to go prime-time, but...oh yeah...I have > finals!!! If anyone has any good content for my KillGeorgeBush.com website, > please send me emails/link (audio, video, documents, etc.) Remember: George > Bush deserves to die for his lies and lootin'!!! I am now accepting > donations through Paypal, of which the money will go straight to terrorist > organizations who have interests vested in removing the Bush administration > from political power... > > > Kristian Hermansen > [EMAIL PROTECTED] > > -----Original Message----- > From: List Account [mailto:[EMAIL PROTECTED] > Sent: Thursday, December 04, 2003 12:58 PM > To: 'Kristian Hermansen' > Subject: RE: [Full-Disclosure] RE: Yahoo Instant Messenger YAUTO.DLL buffer > overflow > > Nice site! Where's the content? (Killgeorgebush.com) > > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of > Kristian Hermansen > Sent: Thursday, December 04, 2003 10:56 AM > To: [EMAIL PROTECTED] > Subject: RE: [Full-Disclosure] RE: Yahoo Instant Messenger > YAUTO.DLL buffer overflow > > > Dude, thanks for the calc tips!!! LATE makes perfect sense ;-) > > > Kristian Hermansen > [EMAIL PROTECTED] > > -----Original Message----- > From: List Account [mailto:[EMAIL PROTECTED] > Sent: Thursday, December 04, 2003 10:41 AM > To: 'Kristian Hermansen' > Subject: RE: [Full-Disclosure] RE: Yahoo Instant Messenger > YAUTO.DLL buffer overflow > > Funny you should be talking about Calculus, I'm finishing 152 now > (finals next week). Integration by parts not that bad. Here's a > tip; LATE Logs Algebraic Trig Exponentials What this is for is to > find u, so that du will be something simpler. So to use LATE to > find u, try them in order, i.e. is there a ln? No, then is there > an algebraic function you can integrate?, etc. > > HTH, > Nathan > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of > Kristian Hermansen > Sent: Thursday, December 04, 2003 9:19 AM > To: [EMAIL PROTECTED] > Subject: RE: [Full-Disclosure] RE: Yahoo Instant Messenger > YAUTO.DLL buffer overflow > > > OMFG Tri, hahahahaha!!! Remember when you couldn't figure out > who hijacked yer mail/Paypal accounts? Looks like we know who > did it now. Did he take any money from yer Paypal account? I do > agree with one thing that he said..."Stop leaking and killing my > bug kid. Go to school to learn more." Dude you missed calculus > class again and don't forget we are doing integration by > parts/series this week/next week. Maybe you aren't as slick as I > thought you were. Stealing bugs from other people? Dude, I had > a lot of respect for you...but now...I'm just not so sure about > your "integrity". Are you really finding these bugs with > OllyDebug/IDAPro, or are you monitoring security researchers > email accounts to get your info? Dude, I only ask because I > believe everyone here has the right to know... > > > Kristian Hermansen > [EMAIL PROTECTED] > > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of De > Blanc > Sent: Thursday, December 04, 2003 2:17 AM > To: [EMAIL PROTECTED] > Cc: [EMAIL PROTECTED] > Subject: Re: [Full-Disclosure] RE: Yahoo Instant Messenger > YAUTO.DLL buffer overflow > > Yeah! Yahoo is sux. Yahoo Messenger has tons of bugs. > But you are more sux than yahoo since you stole my > work and posted my found bug to yahoo and bugtraq. > Funny enough when your little company SentryUnion is > trying to sell "Indetify Theft" protection service but > you got owned, stole mail and money from your paypal > account, logged everything your chatted with gf via > one another yahoo messenger 0day. > > Stop leaking and killing my bug kid. Go to school to > learn more. > > The Blanc > > <[EMAIL PROTECTED]> wrote: > >Hi all, > >This bug is a lame bug, very lame actually. I release > it in order to > >show that how a big company don't even do a basic QA. > If we look through > >the security records of YIM, almost any YIM's > ActiveX/Com > >components do have some kind of buffer overflow and > it is very easy > >to spot them too (by fuzzing the IDispatch > interface). I have no idea > >how can QA guys in the YIM project can manage to let > these > >dangerous bugs survival through the testing state. > Maybe they > >are so busy watching the new "Joe Millionaire" show > :-)))) > >Trihuynh > >Sentryunion > >-----Original Message----- > >From: [EMAIL PROTECTED] > >[mailto:[EMAIL PROTECTED] On > Behalf Of Tri Huynh > >Sent: Wednesday, December 03, 2003 10:07 > >To: [EMAIL PROTECTED]; > [EMAIL PROTECTED] > >Cc: [EMAIL PROTECTED]; [EMAIL PROTECTED]; > [EMAIL PROTECTED] > >Subject: [Full-Disclosure] Yahoo Instant Messenger > YAUTO.DLL buffer overflow > > > >Yahoo Instant Messenger YAUTO.DLL buffer overflow > >================================================= > >PROGRAM: Yahoo Instant Messenger (YIM) > >HOMEPAGE: http://messenger.yahoo.com > >VULNERABLE VERSIONS: 5.6.0.1347 and below > > > >DESCRIPTION > >================================================= > >YIM is one of the most popular instant messenger. > This is a cool product, > >that allows me to chat with my gf from a very long > distant :-). > > > >DETAILS > >================================================= > >YAUTO.DLL is an ActiveX/COM component that comes with > Yahoo Install > >Messenger. YAUTO.DLL is registered under a ProgID > called "YAuto.NSAuto.1". > >In this component, there is a function named > Open(String Url) that will > >cause a buffer overflow if argument Url is passed > with a long string. Since > >this is an ActiveX component, the vulnerability can > be exploited just by > >making a website with the correct CLSID of the > ActiveX and call the function > >directly. We have successfully exploited the > vulnerability by making a > >website that can download a trojan and execute it > silently. > > > >WORKAROUND > >================================================= > >Yahoo has been contacted at > [EMAIL PROTECTED] (this is the only > >email that I can find on the Yahoo Messenger Site) > but doesn't response > >after 1 month. The workaround solution is deleting > the YAUTO.DLL file in > >your YIM directory. > > > >CREDITS > >================================================= > >Discovered by Tri Huynh from SentryUnion > > > >DISLAIMER > >================================================= > >The information within this paper may change without > notice. Use of this > >information constitutes acceptance for use in an AS > IS condition. There are > >NO warranties with regard to this information. In no > event shall the author > >be liable for any damages whatsoever arising out of > or in connection with > >the use or spread of this information. Any use of > this information is at the > >user's own risk. > > > >FEEDBACK > >================================================= > >Please send suggestions, updates, and comments to: > [EMAIL PROTECTED] > >_______________________________________________ > >Full-Disclosure - We believe in it. > >Charter: > http://lists.netsys.com/full-disclosure-charter.html > > > > > >---------------------------------------------------------------- > ---- > >mail2web - Check your email from the web at http://mail2web.com/ > . > > > >_______________________________________________ > >Full-Disclosure - We believe in it. > >Charter: http://lists.netsys.com/full-disclosure-charter.html > > __________________________________ > Do you Yahoo!? > Free Pop-Up Blocker - Get it now > http://companion.yahoo.com/ > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html > > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html > > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
