| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <5C981BE1-2141-4E01-9176-AF5739BD7740@corp.earthlink.net> Date: Fri, 26 Jan 2007 16:48:38 -0500 From: Michael Strutton <strutton@...p.earthlink.net> To: full-disclosure@...ts.grok.org.uk Subject: Re: Earthlink TotalAccess ActiveX Unsafe Methods Vulnerability > -------- Original Message -------- > Subject: [Full-disclosure] Earthlink TotalAccess ActiveX Unsafe > Methods Vulnerability > Date: Fri, 26 Jan 2007 02:23:51 +0800 > From: Ethan Hunt <m34r@...kermail.com> > To: full-disclosure@...ts.grok.org.uk > > Title: > ------------------- > Earthlink TotalAccess ActiveX Unsafe Methods Vulnerability > A number of teams at EarthLink have reviewed both this claim and our code. We have concluded that this exploit does not exist. While we can not go into the details of our proprietary code, we can confirm validation methods are in place that would prevent an outsider from gaining access to the spamBlocker whitelist via these APIs. Thanks, Michael Strutton Director Product Management, Client Software EarthLink _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists