> Oh, I've CC'd [EMAIL PROTECTED], but if someone else would
give them a proper write-up, and encourage
>
them to close the hole, that'd be wonderful.
Since
yahoo isn't known for fixing bugs fast unless it's serious (and even then),
here's something i wrote up today.
The
exploit is turned into a script-kiddish interface. Here's how it
works:
1) you
enter your email and the target (@yahoo.com) email
2) an
email with the exploit is sent to the target
3)
when the target opens the mail for reading, cookies get stolen and you
get a notification on the address specified
4)
further instructions on how to log in are on the site.
Tested on IExplore and Opera, works with both.
(I'm
taking it down when yahoo fixes it or people abuse it too
much)
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/