Serious Passport flaw uncovered

Subject: Serious Passport flaw uncovered
From: Stanley Long (slong@customcpu.com)
Date: Fri May 09 2003 - 15:32:24 AKDT

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Next message: Rob Cermak: "spam filtering/false positives"
• Previous message: bryan@ak.net: "Re: spam filtering"

News Security

Serious Passport flaw uncovered
By Robert Lemos
CNET News.com
May 8, 2003, 5:12 AM PT

The flaw, in Passport's password recovery mechanism, allowed an attacker
to change the password on any account to which the user name is known.
The flaw was disclosed late Wednesday night on the security mailing list
Full Disclosure.

   ...

  Danka claims to have found the issue after a friend's account had been
hacked.

---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.

• Next message: Rob Cermak: "spam filtering/false positives"
• Previous message: bryan@ak.net: "Re: spam filtering"

This archive was generated by hypermail 2a23 : Fri May 09 2003 - 15:28:59 AKDT