Remote code execution bug in Yahoo servers leads to root access

http://en.wikipedia.org/wiki/Yahoo!

Another now-closed bug in Yahoo’s servers have revealed that it was running an old server kernel allowing root access to its system, according to security researcher Ebrahim Hegazy.

Hegazy found that by manipulating one of the parameters in the URLs used in Yahoo Mail, he could cause the server to execute system commands remotely.

Tags: 

Read more: Remote code execution bug in Yahoo servers leads to root access

Story added 30. January 2014, content source with full text you can find at link above.