Could you believe that Yahoo has a vulnerability which could allow to delete their users’ database, yes it is something like that.
This time an Egyptian security researcher named ‘Ibrahim Raafat‘ found an extremely dangerous vulnerability in yahoo blog ‘suggestions.yahoo.com‘ which allow an attacker to delete any post or thread from the Yahoo suggestion website.
This is clearly an ‘Insecure Direct Object Reference Vulnerability.’
If this flaw exploited in the wild before reporting to Yahoo, it could delete more than 365,000 posts and 1,155,000 comments from Yahoo! Database, below are more details about the Flaw:
While deleting the comments, Ibrahim noticed out the HTTP POST request, something like below:
prop=addressbook&fid=514963&crumb=Q8.HUTKfBe.&cid=1236547890&cmd=delete_comment
where ‘fid‘ is the topic id and ‘cid‘ is the comment ID, he tested out the flaw by changing the parameters to other comment and topic id, he found the flaw is working without any authentication and he was able to delete comments or POST made by others.
Ibrahim also demonstrated the flaw:
Ibrahim reported this critical vulnerability to Yahoo and he also has got his bounty. Meantime the vulnerability has been fixed by Yahoo.
Yahoo already found vulnerable many times in the past.
