Netcraft detects Yahoo! vulnerability

Amidst cutting more than 1,500 jobs and seeing its third-quarter net income tumble 64 percent from last year's, Yahoo (www.yahoo.com) is now facing a website vulnerability that is being used to steal Yahoo users' identities.

Web analytics firm Netcraft (www.netcraft.com) has announced that its Netcraft toolbar community has found a flaw on a Yahoo website that is being exploited to steal Yahoo users' authentication cookies, which can be used to gain access to Yahoo accounts, such as Yahoo Mail.

According to a Sunday post from Netcraft, "The attack exploits a cross-site scripting vulnerability on Yahoo's HotJobs site at hotjobs.yahoo.com, which currently allows the attacker to inject obfuscated JavaScript into the affected page," wrote Netcraft's Paul Mutton. "The script steals the authentication cookies that are sent for the yahoo.com domain and passes them to a different website in the United States, where the attacker is harvesting stolen authentication details."

Cross-site scripting vulnerabilities can allow authenticated session data to be remotely accessed via cookie-stealing scripts, letting the attacker use the same cookie values to hijack the victim's session without needing to log in. Netcraft advises administrators that this security flaw can usually be addressed by marking cookies HttpOnly, so that scripts running in the page cannot read them.
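The HttpOnly advice above is easy to check for in practice. The following Python script is an added example (it is not Netcraft's or Yahoo's code): it parses Set-Cookie headers as a browser would, reports session cookies that lack HttpOnly (and, because they travel together in a hardening review, Secure and SameSite), and shows how a correctly flagged session cookie is built. The cookie names and the example.com domain are constructed for illustration.

```python
"""Audit Set-Cookie headers for the HttpOnly flag that blocks script access to cookies.

Added example for illustration only; header values, cookie names and domain below
are constructed and are not taken from any real site.
"""
from dataclasses import dataclass, field
from typing import Dict, Iterable, List, Optional


@dataclass
class CookieAudit:
    """Result of checking one Set-Cookie header."""
    name: str
    httponly: bool = False
    secure: bool = False
    samesite: Optional[str] = None
    findings: List[str] = field(default_factory=list)


def audit_set_cookie(header: str) -> CookieAudit:
    """Parse one Set-Cookie header value and list the protections it lacks.

    HttpOnly is the flag that matters for the cookie-theft case: a browser never
    exposes an HttpOnly cookie through document.cookie, so script injected by an
    XSS flaw cannot read it.  Secure and SameSite are reported as well because a
    session cookie without them is exposed to plaintext capture and cross-site
    request forgery respectively.
    """
    parts = [p.strip() for p in header.split(";") if p.strip()]
    if not parts or "=" not in parts[0]:
        raise ValueError(f"not a cookie-pair: {header!r}")
    name = parts[0].split("=", 1)[0].strip()
    audit = CookieAudit(name=name)
    for attr in parts[1:]:
        key, _, val = attr.partition("=")
        key = key.strip().lower()  # attribute names are case-insensitive (RFC 6265)
        if key == "httponly":
            audit.httponly = True
        elif key == "secure":
            audit.secure = True
        elif key == "samesite":
            audit.samesite = val.strip().lower() or None
    if not audit.httponly:
        audit.findings.append("missing HttpOnly")
    if not audit.secure:
        audit.findings.append("missing Secure")
    if audit.samesite not in ("lax", "strict"):
        audit.findings.append("missing SameSite")
    return audit


def audit_response(set_cookie_headers: Iterable[str],
                   session_cookie_names: Iterable[str]) -> Dict[str, List[str]]:
    """Return {cookie name: findings} for every session cookie that fails the audit.

    Non-session cookies (preferences, analytics) are ignored: they are not what a
    cookie-stealing script is after, and flagging them only adds noise.
    """
    session_names = set(session_cookie_names)
    failures: Dict[str, List[str]] = {}
    for header in set_cookie_headers:
        result = audit_set_cookie(header)
        if result.name in session_names and result.findings:
            failures[result.name] = result.findings
    return failures


def hardened_session_cookie(name: str, value: str, domain: str) -> str:
    """Build a Set-Cookie header for a session cookie with all three protections set."""
    if any(ch in value for ch in ';, "\\'):  # characters not allowed in a cookie value
        raise ValueError("cookie value contains characters that are not cookie-octets")
    return f"{name}={value}; Domain={domain}; Path=/; Secure; HttpOnly; SameSite=Lax"


# Constructed sample: headers as they might appear in one HTTP response.
SAMPLE_HEADERS = [
    "session=0123abcd; Domain=.example.com; Path=/",           # readable by any script on the page
    "prefs=dark; Domain=.example.com; Path=/",                  # not a session cookie, ignored
    "csrf=tok9; Path=/; Secure; HttpOnly; SameSite=Strict",     # correctly protected
]
SESSION_COOKIES = {"session", "csrf"}


if __name__ == "__main__":
    for cookie_name, findings in audit_response(SAMPLE_HEADERS, SESSION_COOKIES).items():
        print(f"{cookie_name}: {', '.join(findings)}")
    print("fixed:", hardened_session_cookie("session", "0123abcd", ".example.com"))
```

Run against real traffic, the `audit_response` call would be fed the Set-Cookie values captured from a login response; any session cookie it names is one that an injected script on the same domain could have read.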

Netcraft noted that this is not the first time a Yahoo website has shown vulnerabilities, having caught malign users with their hands in the cookie jar before. Netcraft reported that attackers exploited a cross-site scripting vulnerability earlier in the year on Yahoo's ychat.help.yahoo.com site, injecting malicious JavaScript code into one of the site's webpages.

In both the earlier case and the current HotJobs vulnerability, Netcraft said simply visiting the infected pages on yahoo.com can be enough for a victim to fall prey to a phishing attack. Netcraft has added protection against these attacks for Netcraft Toolbar users, warning them when a Yahoo URL contains cross-site scripting elements. Netcraft has also contacted Yahoo about this flaw, although it reports that the HotJobs vulnerability and the cookie-harvesting script are both still present.

By David Hamilton
