If not for Cenzic’s CIA [Cenzic Intelligent Analysis] Research Lab, which notified Yahoo on May 23 that Yahoo Mail was at serious risk from online attackers because of a Cross Site Scripting (XSS) vulnerability, millions of Yahoo Mail users might already have been victimized.
XSS flaws are said to be the most common and risky vulnerability encountered in Web-based applications; when not fixed promptly, they open up opportunities for attackers to steal users’ information or, worse, infect their machines with malicious code.
The good news is that Yahoo quickly fixed the XSS vulnerability reported by Cenzic, on June 13. Yahoo also said that it did not receive any complaints from Yahoo Mail and Messenger users who were negatively affected by the XSS vulnerability.
That would have been the end of the story, but Cenzic’s analysts are not convinced so easily. They think that, among Yahoo Mail’s billion users, there is a good chance that some were affected stealthily by the XSS flaw, especially today, when attackers are getting better at their malicious attacks on online users.
In case you’re wondering how this XSS vulnerability affects Yahoo Mail and Yahoo Messenger users, here is how Cenzic’s analysts explain it:
According to Cenzic’s description of the XSS vulnerability, while chatting, an attacker could change their status to ‘invisible’, which would trigger an ‘offline’ message in the user’s chat tab.
“The vulnerability occurred when the attacker then changed status, and sent a custom message containing a malicious string in the form of a status message of “online,” with the script executed in the context of Yahoo Mail on the victim’s machine,” Cenzic noted in its advisory.
“This allowed an attacker to get active access to the victim’s session ID, and in turn steal their Yahoo identity, exposing sensitive personal information stored in their Yahoo account.”
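The bug class Cenzic describes, as an added illustration that is constructed here and is not Yahoo’s or Cenzic’s code: a chat pane that concatenates a contact’s status message straight into page markup, beside the escaped version, plus a check that the session cookie carries HttpOnly so a script running in the mail session cannot read it. The function names, the contact name and the sample status string are assumptions.

```javascript
// Constructed example of the rendering flaw behind a status-message XSS.
// Not Yahoo's code; names and sample data are assumptions for illustration.

// Minimal HTML escaper: neutralises the characters that turn text into markup.
function escapeHtml(s) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return String(s).replace(/[&<>"']/g, (c) => map[c]);
}

// Vulnerable: the contact-controlled status string is concatenated into markup,
// so a "custom" status message is interpreted as HTML/script in the mail session.
function renderStatusUnsafe(contact, statusMsg) {
  return `<div class="status">${contact} is ${statusMsg}</div>`;
}

// Hardened: every untrusted field is escaped before it becomes markup.
function renderStatusSafe(contact, statusMsg) {
  return `<div class="status">${escapeHtml(contact)} is ${escapeHtml(statusMsg)}</div>`;
}

// Review/test helper: does the rendered markup still carry an untrusted input
// verbatim when that input contains a tag opener?
function containsRawTag(html, input) {
  return /<[a-z!\/]/i.test(input) && html.includes(input);
}

// Defence in depth: a session cookie set with HttpOnly is not exposed to
// document.cookie, which limits what an injected script can steal.
function sessionCookieIsHttpOnly(setCookieHeader) {
  return /;\s*httponly\b/i.test(setCookieHeader);
}

// Constructed status message: the expected "online" text with an injected tag.
const hostileStatus = "online<script>alert(1)</script>";

// Stand-alone demonstration of both rendering paths.
console.log(renderStatusUnsafe("alice", hostileStatus));
console.log(renderStatusSafe("alice", hostileStatus));
```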
It looks like Yahoo has its hands full with problems and issues here and there lately. Aside from the successive resignations of its top employees, threats from external parties, and shareholders’ growing discontent with the way things are going, we would not be surprised if Yahoo announces what seems to be inevitable. What is it? Your guess is as good as mine.
Comments
4 responses so far
Alphane Moon on Jun 26, 2008 at 10:12 am
Hey, at least they fixed that XSS vulnerability. There are other companies that reply to a vulnerability report with a mail like this: Thank you. We at CrappyCorp Inc appreciate feedback from users and are always eager to make improvements to our product. However, we do not promise anything.
Yeah, right. And nothing happens. Maybe they are too busy with counting money all day. This really sucks!
prist on Jun 26, 2008 at 2:34 pm
can you give me the link to that XSS :P
Catalog Solutions on Jun 27, 2008 at 9:28 am
Even giants like Y! are vulnerable with security holes?
Carmelo Lisciotto on Jun 27, 2008 at 12:59 pm
All are vulnerable.
Carmelo Lisciotto