#1. Remote denial of service in Yahoo! Messenger.
#2. Yahoo! Chat activity can be monitored stealthily.
#3. Philippines warns emigrants about remittance scheme.
----------------------------------------------
#1. Remote denial of service in Yahoo! Messenger.
From: http://www.pandasoftware.com
Madrid, May 19, 2005 - A vulnerability has been reported in Yahoo!
Messenger that could lead to a denial of service, with remote attackers being able to disconnect users from Chat sessions.
The problem lies in the way that Yahoo! Messenger processes arguments in YMSGR: URL handler links. An attacker modifying the links with certain characters after the colon could create malformed packets to send to Yahoo! YMSG servers. When these packets are sent, Yahoo! will immediately disconnect users from the chat session.
The problem affects Yahoo! Messenger versions 5.0 and 6.0 and all details have been published along with proof of concepts with malicious urls that could disconnect a user.
To view this ALERT online, use the following link: http://www.securiteam.com/windowsntfocus/5HP0H20FPE.html
(You may need to copy and paste this link if you're using hotmail, msn, aol or some other mail services.)
----------------------------------------------
#2. Yahoo! Chat activity can be monitored stealthily.
A vulnerability exists in Yahoo!'s Chat servers allows chatters to be added to your friends list completely without their knowledge or authorization.
To view this ALERT online, use the following link: http://www.securiteam.com/windowsntfocus/5IP0I20FPO.html
(You may need to copy and paste this link if you're using hotmail, msn, aol or some other mail services.)
----------------------------------------------
#3. Philippines warns emigrants about remittance scheme.
The Department of Labor and Employment of the Philippines is asking Filipino workers abroad to watch out for illegal money remitters following reports that these agents are using remittances to launder money for jeuteng, or illegal gambling, lords.
To view this ALERT online, use the following link: http://www.moneylaundering.com/NewsBriefDisplay.aspx?id=763
(You may need to copy and paste this link if you're using hotmail, msn, aol or some other mail services.)
=============================================
Our Alh Webmaster Alerts Archive has Alerts, Recalls and Warnings and can be viewed at: http://alh1.blogdrive.com/
You can POST YOUR ALERTS on our site. If you have an alert to post online, visit our Post Alerts site at: http://www.the-alh.com/postalts.htm Or at: http://alh-alerts.blogdrive.com/
Send this e-mail to family, friends and associates.
Please forward this e-mail to your family, friends and associates. If you received this from someone and wish to subscribe to our FREE e-mail Alert service, please use the following link: http://www.the-alh.com/#Our
Our FREE e-mail Alert mailing-list subscription service is totally confidential. We DO NOT pass your e-mail address on (in any way, shape or form) to anyone else.
Also, we DO NOT endorse any products or services and we DO NOT work in conjunction with any marketing agencies (direct or otherwise) of any kind. However, sometimes we do suggest (and occaissionally recomend) a product or service we have either worked with or believe would be in your best interest.
If any marketer contacts you claiming that we sent them to you, forward their entire e-mail (with full headers) As Soon As Possible to: A0-3@alh_webmaster.mailshell.com (so we can retailiate [pay-um-back])
#2. Yahoo! Chat activity can be monitored stealthily.
#3. Philippines warns emigrants about remittance scheme.
----------------------------------------------
#1. Remote denial of service in Yahoo! Messenger.
From: http://www.pandasoftware.com
Madrid, May 19, 2005 - A vulnerability has been reported in Yahoo!
Messenger that could lead to a denial of service, with remote attackers being able to disconnect users from Chat sessions.
The problem lies in the way that Yahoo! Messenger processes arguments in YMSGR: URL handler links. An attacker modifying the links with certain characters after the colon could create malformed packets to send to Yahoo! YMSG servers. When these packets are sent, Yahoo! will immediately disconnect users from the chat session.
The problem affects Yahoo! Messenger versions 5.0 and 6.0 and all details have been published along with proof of concepts with malicious urls that could disconnect a user.
To view this ALERT online, use the following link: http://www.securiteam.com/windowsntfocus/5HP0H20FPE.html
(You may need to copy and paste this link if you're using hotmail, msn, aol or some other mail services.)
----------------------------------------------
#2. Yahoo! Chat activity can be monitored stealthily.
A vulnerability exists in Yahoo!'s Chat servers allows chatters to be added to your friends list completely without their knowledge or authorization.
To view this ALERT online, use the following link: http://www.securiteam.com/windowsntfocus/5IP0I20FPO.html
(You may need to copy and paste this link if you're using hotmail, msn, aol or some other mail services.)
----------------------------------------------
#3. Philippines warns emigrants about remittance scheme.
The Department of Labor and Employment of the Philippines is asking Filipino workers abroad to watch out for illegal money remitters following reports that these agents are using remittances to launder money for jeuteng, or illegal gambling, lords.
To view this ALERT online, use the following link: http://www.moneylaundering.com/NewsBriefDisplay.aspx?id=763
(You may need to copy and paste this link if you're using hotmail, msn, aol or some other mail services.)
=============================================
Our Alh Webmaster Alerts Archive has Alerts, Recalls and Warnings and can be viewed at: http://alh1.blogdrive.com/
You can POST YOUR ALERTS on our site. If you have an alert to post online, visit our Post Alerts site at: http://www.the-alh.com/postalts.htm Or at: http://alh-alerts.blogdrive.com/
Send this e-mail to family, friends and associates.
Please forward this e-mail to your family, friends and associates. If you received this from someone and wish to subscribe to our FREE e-mail Alert service, please use the following link: http://www.the-alh.com/#Our
Our FREE e-mail Alert mailing-list subscription service is totally confidential. We DO NOT pass your e-mail address on (in any way, shape or form) to anyone else.
Also, we DO NOT endorse any products or services and we DO NOT work in conjunction with any marketing agencies (direct or otherwise) of any kind. However, sometimes we do suggest (and occaissionally recomend) a product or service we have either worked with or believe would be in your best interest.
If any marketer contacts you claiming that we sent them to you, forward their entire e-mail (with full headers) As Soon As Possible to: A0-3@alh_webmaster.mailshell.com (so we can retailiate [pay-um-back])