Cerebrawl » Blog Archive » Yahoo! Messenger reveals your IP address

Yahoo! Messenger reveals your IP address

28 August 2005 76 views 2 Comments

I just realized that the latest version of Yahoo! Messenger suffers from a vulnerability that allows a hacker to get your IP address.

Basically, if both the clients use the latest version of messenger and the victim responds to an IM from the attacker, the former’s IP address is shown in the netstat output of the latter. This is a very old vulnerability that was supposedly patched a long time ago, but has resurfaced in the latest version of the messenger software.

It appears that both the clients initiate a direct end-to-end connection whenever a conversation is begun. I have noticed this behavior when I communicate with some of my friends on messenger. I can see their IP address.

This is a serious issue, and I hope Yahoo! addresses it pretty soon.

2 Comments »

semko said:

hacks

# 26 September 2005 at 11:03 pm

semko said:

########### eroigf0e_hacks

# 26 September 2005 at 11:04 pm

Leave your response!

Twitter Updates

PS: I am not mad. AT&T was actually pretty awesome. I just wish they upheld the promise they made to me back in 2003 to not charge ETF. about 12 hours ago from Echofon
After 7 years of non-stop AT&T service, here's a screw you, AT&T. about 13 hours ago from Echofon
Just paid $100 to AT&T for early termination fees, even as I told them I moved overseas. Apparently, they stopped waiving it for same cases. about 13 hours ago from Echofon

Yahoo! Messenger reveals your IP address

2 Comments »

Leave your response!

Tags

Categories

Blogroll

Recent Comments

Social Networks

Archives

Twitter Updates

Most Commented

Most Viewed