Re: [Full-disclosure] 0day Full disclosure: American Express

2011-10-11 Thread Giles Coochey
On Mon, October 10, 2011 19:58, Rack911 Security Lists wrote: American express also utilizing case-insensitive password storing. We have been informed by American Express that they will be carrying out maintenance to their authorisation system on Sunday 16 October 2011, between 02:00 and 03:00

Re: [Full-disclosure] 0day Full disclosure: American Express

2011-10-10 Thread Rack911 Security Lists
American express also utilizing case-insensitive password storing. On 10/5/2011 11:55 PM, John Doe wrote: http://qnrq.se/full-disclosure-american-express/ ___ Full-Disclosure - We believe in it. Charter:

Re: [Full-disclosure] 0day Full disclosure: American Express

2011-10-10 Thread Michael Schmidt
To: full-disclosure@lists.grok.org.uk Subject: Re: [Full-disclosure] 0day Full disclosure: American Express American express also utilizing case-insensitive password storing. On 10/5/2011 11:55 PM, John Doe wrote: http://qnrq.se/full-disclosure-american-express

[Full-disclosure] 0day Full disclosure: American Express

2011-10-06 Thread John Doe
http://qnrq.se/full-disclosure-american-express/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] 0day Full disclosure: American Express

2011-10-06 Thread Dan Dart
That's NOT GOOD! :P ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] 0day Full disclosure: American Express

2011-10-06 Thread Carlos Alberto Lopez Perez
On 06/10/11 08:55, John Doe wrote: http://qnrq.se/full-disclosure-american-express/ ___ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/

Re: [Full-disclosure] 0day Full disclosure: American Express

2011-10-06 Thread Andreas
Zitat von Carlos Alberto Lopez Perez clo...@igalia.com: American Express admins looks really worried by security At least they thought about the remote possibility of google indexing the admin panel, so they disabled it at https://www.americanexpress.com/robots.txt smart move :-)

Re: [Full-disclosure] 0day Full disclosure: American Express

2011-10-06 Thread resea...@vulnerability-lab.com
Hey Andreas, read the following article its fresh and new ... http://www.vulnerability-lab.com/dev/ This is 4 real ^^ Am 06.10.2011 12:18, schrieb Andreas: Zitat von Carlos Alberto Lopez Perez clo...@igalia.com: American Express admins looks really worried by security At least they

Re: [Full-disclosure] 0day Full disclosure: American Express

2011-10-06 Thread resea...@vulnerability-lab.com
ack Am 06.10.2011 14:38, schrieb resea...@vulnerability-lab.com: Hey Andreas, read the following article its fresh and new ... http://www.vulnerability-lab.com/dev/ This is 4 real ^^ Am 06.10.2011 12:18, schrieb Andreas: Zitat von Carlos Alberto Lopez Perez clo...@igalia.com: American

Re: [Full-disclosure] 0day Full disclosure: American Express

2011-10-06 Thread Michael Schmidt
-disclosure@lists.grok.org.uk Subject: Re: [Full-disclosure] 0day Full disclosure: American Express On 06/10/11 08:55, John Doe wrote: http://qnrq.se/full-disclosure-american-express/ ___ Full-Disclosure - We believe in it. Charter: http

Re: [Full-disclosure] 0day Full disclosure: American Express

2011-10-06 Thread xD 0x41
Hello, I have had almost exactly the same thing here, with anz.com , and this is now ended but almost as bad as that! They were being scammed, and spam mails were actually makin it to the inbox and were half decent, so i tried, mutiple times to put in a 'contact form' wich kept resetting when