
Netcraft Detects Yahoo! Vulnerability

By theWHIR.com, October 27, 2008


By David Hamilton, theWHIR.com

October 27, 2008 -- (WEB HOST INDUSTRY REVIEW) -- Amidst cutting more than 1,500 jobs and seeing its third-quarter net income tumble 64 percent from last year's, Yahoo (www.yahoo.com) is now facing a website vulnerability that is being used to steal Yahoo users' identities.

Web analytics firm Netcraft (www.netcraft.com) has announced that its Netcraft toolbar community has found a flaw on a Yahoo website that is being exploited to steal Yahoo users' authentication cookies, which can be used to gain access to Yahoo accounts, such as Yahoo Mail.

UPDATE: In an email message to theWHIR Monday, Yahoo's HotJobs division stated the cross-site scripting vulnerability was quickly fixed. "The team was made aware of this particular Cross-Site Scripting issue yesterday morning (Sunday, October 26) and a fix was deployed within a matter of hours," read the statement. "Yahoo appreciates Netcraft's assistance in identifying this issue."

According to a Sunday post from Netcraft, "The attack exploits a cross-site scripting vulnerability on Yahoo's HotJobs site at hotjobs.yahoo.com, which currently allows the attacker to inject obfuscated JavaScript into the affected page," wrote Netcraft's Paul Mutton. "The script steals the authentication cookies that are sent for the yahoo.com domain and passes them to a different website in the United States, where the attacker is harvesting stolen authentication details."

Cross-site scripting vulnerabilities can allow authenticated session data to be remotely accessed via cookie-stealing scripts, letting the attacker use the same cookie values to hijack the victim's session without needing to log in. Netcraft advises administrators that this security flaw can usually be addressed by using HttpOnly cookies, so that scripts cannot gain access to cookies.

Netcraft noted that this is not the first time a Yahoo website has shown vulnerabilities, having caught malign users with their hands in the cookie jar before. They reported that attackers exploited a cross-site scripting vulnerability earlier in the year on its ychat.help.yahoo.com site, injecting malicious JavaScript code into one of the site's webpages.

In both the earlier ychat attack and the current HotJobs one, Netcraft said simply visiting the infected pages on yahoo.com can be enough for a victim to fall prey to a phishing attack. Netcraft has implemented protection for Netcraft Toolbar users from these attacks, which warns users about Yahoo URLs containing cross-site scripting elements.

