Full Disclosure mailing list archives

Re: Yahoo! Messenger Service 18 Remote Buffer Overflow Vulnerability

From: "Jain, Siddhartha" <Siddhartha.Jain () kla-tencor com>
Date: Thu, 26 Oct 2006 23:35:35 -0700

Did Yahoo put out a security notification yet? I don't see any mention
of a bug fix on the yahoo messenger page. And when I turn on my yahoo
messenger (ver 8.0.0.701), shouldn't I be alerted to receive an update?

- Siddhartha



-----Original Message-----
From: full-disclosure-bounces () lists grok org uk
[mailto:full-disclosure-bounces () lists grok org uk] On Behalf Of Gadi
Evron
Sent: Thursday, October 26, 2006 7:46 AM
To: cdejrhymeswithgay () hush com
Cc: full-disclosure () lists grok org uk; bugtraq () securityfocus com
Subject: Re: [Full-disclosure] Yahoo! Messenger Service 18 Remote Buffer
Overflow Vulnerability

On Thu, 26 Oct 2006 cdejrhymeswithgay () hush com wrote:

So how fast is this "record time?" As fast as Hitler's Blitzkrieg
tactics? That's pretty fast!


Yahoo! released a fixed version.

        Gadi.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Yahoo! Messenger Service 18 Remote Buffer Overflow Vulnerability Jain, Siddhartha (Oct 24)
- <Possible follow-ups>
- Re: Yahoo! Messenger Service 18 Remote Buffer Overflow Vulnerability Gadi Evron (Oct 25)
- Re: Yahoo! Messenger Service 18 Remote Buffer Overflow Vulnerability cdejrhymeswithgay (Oct 26)
  - Re: Yahoo! Messenger Service 18 Remote Buffer Overflow Vulnerability Gadi Evron (Oct 26)
- Re: Yahoo! Messenger Service 18 Remote Buffer Overflow Vulnerability Jain, Siddhartha (Oct 26)