exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New


Posted Apr 22, 2004
Authored by Drew Copley | Site eeye.com

eEye Security Advisory - eEye Digital Security has discovered a security hole in Yahoo! Mail which allows a remote attacker to take over an account remotely by sending a specially crafted email.

tags | advisory, remote
SHA-256 | ebcdad08b6b5b55406cc6abe44da9de0baab72d3294fc53e632ae9a3567d1e68


Change Mirror Download
"Yahoo! Mail" Account Filter Overflow Hijack

Release Date:
April 19, 2004

Date Reported:
March 10, 2004



"Yahoo! Mail" is one of the Internet's most popular
web based email solutions. They provide free email and
large capacity storage, as well as subscription-based
services such as mail forwarding, expanded storage and
personalized email addresses.

eEye Digital Security has discovered a security hole in
"Yahoo! Mail" which allows a remote attacker to take over
an account remotely by sending a specially crafted email.

Technical Description:
-----------EXAMPLE EMAIL---------

[->a bunch of chars here [spaces are most stealth], the whole
file size will be just about 100KB]
[this causes the filter to not work... the code is then run


The pseudo-diagram above explains the scenario rather well.
For whatever reason, Yahoo's email filter simply does not
work on files which exceed a certain range. This kind of
software issue is relatively common.

A remarkable note about this bug is that no one seems to
have found it before.

As far as anyone knows.

Drew's Happy-Happy Quote for the Day:

Ben Franklin, "Three can keep a secret if two are dead."

Yahoo! Mail is a hosted, web based service, hence users
do not need to patch. Yahoo has already fixed this bug,
therefore all Yahoo accounts are now completely safe from

Vendor Status:
Yahoo! has been notified and has rectified the issue.

Drew Copley, eEye Digital Security (dcopley eeye.com), Research Engineer
thanks to "http-equiv" for additional research

Related Links:
Retina Network Security Scanner - Free 15 Day Trial

To all of you out there that don't use turn signals.
Sooner or later your time is going to come. And a special
greeting to all of these competitors of ours making some extra
cash by selling pre-fix vulnerabilities through pay for play
"mailing lists". I am sure North Korea, the Yakuza, the
"Triads", the Russian Mafiya, La Costa Nostra, and every
other criminal state or organization appreciates your type of
"Partial Full Disclosure for a Darn Good Price" motto.

Copyright (c) 1998-2004 eEye Digital Security
Permission is hereby granted for the redistribution of this
alert electronically. It is not to be edited in any way without
express consent of eEye. If you wish to reprint the whole or
any part of this alert in any other medium excluding electronic
medium, please email alert@eEye.com for permission.

The information within this paper may change without notice.
Use of this information constitutes acceptance for use in an
AS IS condition. There are no warranties, implied or express,
with regard to this information. In no event shall the author
be liable for any direct or indirect damages whatsoever arising
out of or in connection with the use or spread of this information.
Any use of this information is at the user's own risk.

Please send suggestions, updates, and comments to:

eEye Digital Security
Login or Register to add favorites

File Archive:

May 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    15 Files
  • 2
    May 2nd
    16 Files
  • 3
    May 3rd
    38 Files
  • 4
    May 4th
    15 Files
  • 5
    May 5th
    35 Files
  • 6
    May 6th
    0 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    8 Files
  • 9
    May 9th
    65 Files
  • 10
    May 10th
    19 Files
  • 11
    May 11th
    27 Files
  • 12
    May 12th
    8 Files
  • 13
    May 13th
    0 Files
  • 14
    May 14th
    1 Files
  • 15
    May 15th
    19 Files
  • 16
    May 16th
    66 Files
  • 17
    May 17th
    28 Files
  • 18
    May 18th
    32 Files
  • 19
    May 19th
    13 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    23 Files
  • 23
    May 23rd
    15 Files
  • 24
    May 24th
    49 Files
  • 25
    May 25th
    20 Files
  • 26
    May 26th
    13 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags


packet storm

© 2022 Packet Storm. All rights reserved.

Security Services
Hosting By