VULHUB ™

A vulnerability exists in build 733 of Yahoo!'s Instant Messenger Service client. Messenger listens on TCP port 5010 as long as the program is running. A remote attacker connecting to the IM user's open port 5010 will cause the IM client to crash, allowing a Denial of Service attack. The open port also allows an attacker to scan large networks and locate IM users with little effort. Build 734 of the IM client leaves port 5010 open but will not crash in response to an incoming connection.

A vulnerability exists in build 733 of Yahoo!'s Instant Messenger Service client. Messenger listens on TCP port 5010 as long as the program is running. A remote attacker connecting to the IM user's open port 5010 will cause the IM client to crash, allowing a Denial of Service attack. The open port also allows an attacker to scan large networks and locate IM users with little effort. Build 734 of the IM client leaves port 5010 open but will not crash in response to an incoming connection.