GEN:SID 1:2456
Message CHAT Yahoo Messenger File Transfer Receive Request
Summary This event is generated when a host in your network that has Yahoo Instant Messenger running attempts to send a file to another Yahoo IM user.
Impact Possible policy violation.  Instant Messenger programs may not be appropriate in certain network environments.
Detailed Information It is possible that a file that is exchanged may contain malicious code such as as virus, worm, Trojan, or backdoor.  Also, since all exchanges are done via Yahoo IM servers and in clear text, there should be no expectation of privacy.  This may also provide a less scrutinized means of sharing unauthorized or inappropriate files with others.
Affected Systems Any host running Yahoo Instant Messenger.
Attack Scenarios A Yahoo IM user may unwittingly accept a malicious file.
Ease of Attack Easy to transfer a malicious file.
Corrective Action Disallow the use of IM clients on the protected network and enforce or implement an organization wide policy on the use of IM clients.
Additional References Yahoo Protocol
http://www.cse.iitb.ac.in/~varunk/YahooProtocol.htm