Hosting Provided By

RE: Yahoo Messenger Stale Sessions

From: <Leonard.Ong(at)nokia.com>
Date: Tue Nov 12 2002 - 20:38:58 EST

During my observation in daily use of Yahoo Messenger, my computer has "stale/zombie" sessions. For example, If i have received/message a friend, yahoo will normally make a direct connection from my PC to my friend. From Netstat result, you can see a high port on my computer is having an Established session with my peer's:5101 port.

The issue is, after a contact has gone offline (dial-up), the state established in the netstat will remain until the next day. I wouls see this as a vulnerabilities, since an arbitrary user can assume the IP Address was used (dial-up->dynamic ip assignment), and use this established session to assume it.

Any idea ?

Regards,
Leonard Ong
Network Security Specialist, APAC
NOKIA Email. Leonard.Ong@nokia.com

Mobile. +65 9431 6184
Phone.  +65 6723 1724
Fax.    +65 6723 1596



----------------------------------------------------------------------------

This list is provided by the SecurityFocus ARIS analyzer service. For more information on this free incident handling, management and tracking system please see: http://aris.securityfocus.com Received on Wed Nov 13 12:07:49 2002

This message: [ Message body ]
Next message: Jeremy Junginger: "Unicode Attack"
Previous message: Ingersoll, Jared: "scans on port 57"
Next in thread: David Gillett: "RE: Yahoo Messenger Stale Sessions"
Reply: David Gillett: "RE: Yahoo Messenger Stale Sessions"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:01:50 EDT