Yahoo Mail Authentication Bypass
[B]Yahoo Multiple Vulnerabilities[/B]
Various Yahoo! services are vulnerable to authentication bypass, session
binding, weak cookie encoding, cross-site scripting file inclusion and url
redirection vulnerabilities, which is caused due to improper validation of
user-supplied inputs.
*. Authentication Bypass and Session Binding Vulnerability.
A malicious user can log on to the yahoo without submitting the username
and password by constructing a malicious URL using cookies.
2. Cookie Encoding Security Weakness
*. Cross-Site Scripting.
4. URL redirection.
Full Story in [URL="http://www.xdisclose.com"]http://www.xdisclose.com[/URL]
_________________________________________________________________
What does it exactly mean
Hey Mike,
When I clicked on the link it just gave me a login page. What exactly did u mean by bypass of authentication process.
Please let me know.
Thanks.
Hack Victim
What does it exactly mean
Hey Toast and Icecold,
Please let me know what did u mean when u said it worked. for me its just giving me a login page. I need to know this as it might help me regain access to my hacked account. Please let me know.
Thanks.
D