Full Disclosure mailing list archives
Yahoo! Spam Attack Mailers
From: xploitable <xploitable () gmail com>
Date: Wed, 6 Oct 2004 21:58:39 +0100
Should I bother naming the Yahoo! service anymore or just start listing the mailers?

mailer3.bulk.scd.yahoo.com is vulnerable to be used to attack the Yahoo! mail network, and by the way it seems all the bulk mailers are vulnerable. I would imagine all the way up the numbers, such as mailer1, mailer2, mailer3 and so on.

This one is used when a user clicks on an "Add to My Yahoo!". The service allows Yahoo! consumers to add an RSS Yahoo! module to a consumer's My Yahoo! page. A link is then available for the consumer to send the same module to a friend.

Also, Yahoo! News "E-mail this story to a friend" uses the same bulk mailer.

All vulnerable to be used to attack Yahoo! Mail accounts. Mail will go to the inbox and not the bulk mail folder, allowing a malicious user to very quickly flood an inbox with repeated My Yahoo! RSS module links or Yahoo! News story links.

Example for My Yahoo! RSS module mail to a friend page:

http://mtf.news.yahoo.com/mailto?url=http%3a//e.my.yahoo.com/config/cstore%3f.opt=content%26.node=1%26.sid=171771&title=Choose+Content&prop=mycstore&locale=us&h1=ymessenger+at+Yahoo!+Groups&h2=n3td3v&h3=http%3a//my.yahoo.com

Example for Yahoo! News story link mail to a friend page:

http://mtf.news.yahoo.com/mailto?url=http%3a//story.news.yahoo.com/news%3ftmpl=story%26u=/ap/20041006/ap_on_re_mi_ea/us_iraq_weapons&title=U.S.+Report+Finds+No+Evidence+of+Iraq+WMD%0a&prop=dailynews&locale=us&h1=ap/20041006/us_iraq_weapons&h2=T&h3=540

--
http://www.geocities.com/n3td3v
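A defender-side check for the flooding pattern described in the post, as an added example that is not part of the original message or any Yahoo! code: it flags any recipient who is mailed the same shared link more than a set number of times within a sliding window. The log format, the hostnames, the recipient field (assumed to arrive as a form field, since it does not appear in the URLs above) and the thresholds are all assumptions.

```python
from collections import defaultdict, deque
from urllib.parse import urlsplit, parse_qs

WINDOW_SECONDS = 60   # assumed look-back window
MAX_PER_WINDOW = 3    # assumed limit per (recipient, shared link)

# Constructed request log: (unix time, sender session, recipient, request URL).
_STORY = "http://mtf.example/mailto?url=http%3a//news.example/story%3fid=1&prop=dailynews"
_OTHER = "http://mtf.example/mailto?url=http%3a//news.example/story%3fid=2&prop=dailynews"
SAMPLE_LOG = (
    # Burst: five sends of the same story to one inbox in 20 seconds.
    [(1000 + 5 * i, f"sess-{i}", "Victim@example.com", _STORY) for i in range(5)]
    + [
        (1003, "sess-x", "friend@example.com", _STORY),   # ordinary single share
        (1500, "sess-y", "victim@example.com", _OTHER),   # different link, once
        (2000, "sess-z", "victim@example.com", _STORY),   # same link, outside the window
    ]
)

def shared_url(request_url):
    """Return the decoded `url` query parameter, i.e. the link being mailed."""
    values = parse_qs(urlsplit(request_url).query).get("url", [])
    return values[0] if values else ""

def find_floods(log, window=WINDOW_SECONDS, limit=MAX_PER_WINDOW):
    """Map (recipient, shared link) to the peak send count seen inside one window,
    for every pair that exceeded `limit`. Keying on the recipient rather than the
    sender session catches floods spread across many sessions."""
    recent = defaultdict(deque)   # key -> timestamps still inside the window
    flagged = {}
    for ts, _session, recipient, request_url in sorted(log):
        key = (recipient.lower(), shared_url(request_url))
        times = recent[key]
        times.append(ts)
        while ts - times[0] >= window:   # drop sends that have aged out
            times.popleft()
        if len(times) > limit:
            flagged[key] = max(flagged.get(key, 0), len(times))
    return flagged

if __name__ == "__main__":
    for (recipient, link), count in find_floods(SAMPLE_LOG).items():
        print(f"{recipient}: {count} copies of {link} within {WINDOW_SECONDS}s")
```

The same per-recipient counter can be applied at request time to throttle the form instead of reporting after the fact.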