lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <a7cf042e050112092857c65e36@mail.gmail.com> From: mike124 at gmail.com (Michael Yandrischovitz) Subject: AOL password issue I recently discovered an interesting security issue with AOL 9.0SE /AOL Messanger(suprise,suprise). If a user has an exsisting account with AOL, and changes his or her account password, the old password still works to log on to AIM. This lets the attacker access to all the features of AIM, including webmail. I have only tested this with the lastest versions of AOL and AIM.
Powered by blists - more mailing lists