Remote Code Injection Vulnerability Found on Yahoo, Microsoft and Orange Subdomains

Lucian Ciolacu

May 19, 2014

A remote code injection vulnerability affecting subdomains of Yahoo, Microsoft and Orange was found by escalating an unauthorized admin access issue, according to Ibrahim Hegazy’s blog post.

Yahoo and Microsoft have issued fixes for the vulnerability.

Hegazy found the unauthorized admin access while researching for the Yahoo Bug Bounty Program: the administrator panel never asked for login credentials.

Image Credits: Security Down

“Of course I could have created that file with a code to give me Remote Command Execution Privilege, but I saw it was a good/enough POC,” Hegazy said. “Imagine a Black-Hat with this vulnerability, creating his ‘Iframed’ aspx page with its malicious content on such highly ranked/trusted domains of Yahoo.net MSN.com Orange.es and more!!”

The vulnerability originated in the content delivery service that supplied the Yahoo, Microsoft and Orange subdomains with horoscope data.

Image Credits: Security Down

Uploading a single “.aspx” file to that service was enough to gain arbitrary code execution on every subdomain it served, namely:

Yahoo:
http://pe.horoscopo.yahoo.net
http://mx.horoscopo.yahoo.net
http://ar.horoscopo.yahoo.net
http://co.horoscopo.yahoo.net
http://cl.horoscopo.yahoo.net
http://espanol.horoscopo.yahoo.net

Microsoft MSN:
http://astrocentro.latino.msn.com/
http://astrologia.latino.msn.com/
http://horoscopo.es.msn.com/
http://horoscopos.prodigy.msn.com

Orange:
http://astrocentro.mujer.orange.es
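As an added illustration (not code from Hegazy’s write-up or from the affected services), this is the kind of upload gate the horoscope content service lacked: the request must come from an authenticated admin, and any file name that could land a server-executable ASP.NET page, a configuration file or a path outside the upload directory is refused before anything is written. The session shape, the allowlist and the extension sets are assumptions for illustration.

```python
# Added example: defensive upload gate for an IIS/ASP.NET content service.
# Session shape, allowlist and refused extension set are assumptions.
import os
import posixpath

# File types a horoscope content feed legitimately needs; everything else is refused.
ALLOWED_EXTENSIONS = {".jpg", ".jpeg", ".png", ".gif", ".xml", ".json"}

# Extensions IIS/ASP.NET executes or treats as configuration. One of these reaching
# the web root of a shared content service is server-side code execution on every
# site it feeds, which is what the original report described.
SERVER_EXECUTABLE = {".aspx", ".asax", ".ashx", ".asmx", ".ascx", ".cshtml",
                     ".config", ".asp", ".soap", ".svc"}


def all_extensions(filename):
    """Every dotted suffix in the name, lower-cased: 'shell.aspx.jpg' yields both."""
    parts = filename.lower().split(".")
    return {"." + p for p in parts[1:] if p}


def check_upload(filename, session):
    """Return (accepted, reason). The admin panel in the original report never asked
    for credentials, so the authentication and role checks come first."""
    if not session.get("authenticated"):
        return False, "admin panel requires login"
    if session.get("role") != "admin":
        return False, "upload requires admin role"
    # Accept only a bare file name: no directory components, no '.' or '..'.
    base = posixpath.basename(filename.replace("\\", "/"))
    if base != filename or base in ("", ".", ".."):
        return False, "path components are not allowed in file names"
    # Refuse separators that some IIS versions used to truncate names (';', NUL, ':'),
    # so 'shell.aspx;.jpg' is never evaluated as 'shell.aspx'.
    if any(sep in base for sep in (";", "\x00", ":")):
        return False, "illegal character in file name"
    # Check every suffix, not just the last one, then apply the allowlist.
    if all_extensions(base) & SERVER_EXECUTABLE:
        return False, "server-executable extension refused"
    last = os.path.splitext(base)[1].lower()
    if last not in ALLOWED_EXTENSIONS:
        return False, f"extension {last or '(none)'} not in allowlist"
    return True, "ok"
```

Files that pass should still be stored outside the web root and served through a static-file handler, so a misconfigured handler mapping cannot turn an accepted file into executable content.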

This is a good example of how bug bounty programs enable researchers to find and report vulnerabilities before they are exploited for malicious purposes. Had cyber-criminals found this vulnerability first, it could have affected countless users.
