All versions of Yahoo messenger version 5. Listens on port 5101 on client machine. (obviously to offload server traffic for IMs) problems: (for all of the problems listed below, the traffic is sent to the yahoo messenger opened port, 5101) 1. One can crash yahoo messenger by overflowing the message field in the yahoo protocol. 2. One can crash yahoo messenger by overflowing the IMvironment field in the yahoo protocol. 3. One can send a message as a spoofed name. 4. One can send many many messages from different names, flooding the person. 5. One can add a person to their buddy list (without their consent even), then message them a few times and that persons IP address will be sent in a message over yahoo's server. I would imagine there are many many more security problems to be found.
