[Full-Disclosure] Hotmail & Passport (.NET Accounts) Vulnerability

Faisal Rauf Danka <[EMAIL PROTECTED]>To: [EMAIL PROTECTED]Subject: [Full-Disclosure] Hotmail & Passport (.NET Accounts) VulnerabilityHotmail & Passport (.NET Accounts) VulnerabilityThere is a very serious and stupid vulnerability or badcoding in Hotmail / Passport’s (.NETAccounts)I

[Full-Disclosure] Hotmail & Passport (.NET Accounts) Vulnerability

Hotmail & Passport (.NET Accounts) Vulnerability There is a very serious and stupid vulnerability or badcoding in Hotmail / Passport’s (.NET Accounts) I tried sending emails several times to Hotmail / Passport contact addresses, but always met with the NLP bots. I guess I don’t need to go

Re: [Full-Disclosure] Hotmail & Passport (.NET Accounts)

May 08, Associated Press Microsoft admits Passport was vulnerable. Computer researcher Muhammad Faisal Rauf Danka of Pakistan discovered how to breach Microsoft Corp.'s security procedures for its Internet Passport service. The service is designed to protect customers visiting some retail Web site

[Full-Disclosure] Hotmail & Passport (.NET Accounts) Vulnerability

Faisal Rauf Danka To: [EMAIL PROTECTED] Subject: [Full-Disclosure] Hotmail & Passport (.NET Accounts) Vulnerability Hotmail & Passport (.NET Accounts) Vulnerability There is a very serious and stupid vulnerability or badcoding in Hotmail / Passport’s (.NET Accounts) I tried sending emails

[Full-Disclosure] Hotmail & Passport (.NET Accounts) Vulnerability

forg.pass.hotmail.com#$ [EMAIL PROTECTED] $#press $498774$ goto:[EMAIL PROTECTED] //value="yes" _ Las mejores tiendas, los precios mas bajos, entregas en todo el mundo, YupiMSN Compras: http://latam.msn.com/compras/ _

[Full-Disclosure] Hotmail & Passport (.NET Accounts) Vulnerability

Hotmail & Passport (.NET Accounts) Vulnerability There is a very serious and stupid vulnerability or badcoding in Hotmail / Passport’s (.NET Accounts) I tried sending emails several times to Hotmail / Passport contact addresses, but always met with the NLP bots. I guess I don’t need to go i

Re: [Full-Disclosure] Hotmail & Passport (.NET Accounts) Vulnerability

one of the full-disclosure follow-ups reports, it does work. -- Forwarded message ------ Subject: [Full-Disclosure] Hotmail & Passport (.NET Accounts) Vulnerability ___ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html

Re: [Full-Disclosure] Hotmail & Passport (.NET Accounts) Vulnerability

On Mon, 13 Oct 2003 13:55:49 CDT, Melissa Ferreira <[EMAIL PROTECTED]> said: > https://register.passport.net/emailpwdreset.srf?lc=1033&[EMAIL PROTECTED] om&id=&cb=&[EMAIL PROTECTED]&rst=1 Old. Already discovered by Muhammed Faisal and posted to this forum on 07 May. Is it in fact *still* funct

[Re: [Full-Disclosure] Hotmail & Passport (.NET Accounts) Vulnerability]

It does work, however, I believe you still need to know your old password to kick it over. -- Thanks, Dan Renner President Los Angeles Computerhelp 818-352-8700 http://losangelescomputerhelp.com ___ Full-Disclosure - We believe in it. Charter: http:

Re: [Full-Disclosure] Hotmail & Passport (.NET Accounts) Vulnerability

It did reset. - Original Message - From: "Christopher F. Herot" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]>; <[EMAIL PROTECTED]> Sent: Thursday, May 08, 2003 12:05 PM Subject: RE: [Full-Disclosure] Hotmail & Passport (.NET Accounts) Vulnerability > &

RE: [Full-Disclosure] Hotmail & Passport (.NET Accounts) Vulnerability

what's-his-name said... "Is it me or ms never credit vulnerabilities according to http://www.microsoft.com/security/passport_issue.asp "a report was published detailing a security vulnerability(...)"? No more details or credit." ...and then asserted... "I also saw online news like http://www.vn

Re: [Full-Disclosure] Hotmail & Passport (.NET Accounts) Vulnerability

sword in the first place. Jon - Original Message - From: "fernando escobar" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Tuesday, April 20, 2004 2:27 PM Subject: [Full-Disclosure] Hotmail & Passport (.NET Accounts) Vulnerability > I am forwarding this a

Re: [Full-Disclosure] Hotmail & Passport (.NET Accounts) Vulnerability

On Tue, 20 Apr 2004 09:27:02 EDT, fernando escobar <[EMAIL PROTECTED]> said: > I am forwarding this as it may impact people whom depend on MSN or > passport systems for business reasons. Contrary to what at > least one of the full-disclosure follow-ups reports, it does work. *YAWN*. Old news. D

Re: [Full-Disclosure] Hotmail & Passport (.NET Accounts) Vulnerability

Maybe you should email this one: [EMAIL PROTECTED] At least you'll get a reply, eh? ;-) ( apologies to Alexander MacLennan. ) Regards, tom. Tom Cleary - Security Architect "In IT, acceptable so

[Full-Disclosure] Full-Disclosure] Hotmail & Passport (.NET Accounts) Vulnerability

:Hotmail & Passport (.NET Accounts) VulnerabilityThere is a very serious and stupid vulnerability or badcoding in Hotmail / Passport’s (.NETAccounts)I tried sending emails several times to Hotmail / Passport contact addresses, but always metwith the NLP bots.I guess I don’t need to go in deta

Re: [Full-Disclosure] Full-Disclosure] Hotmail & Passport (.NET Accounts) Vulnerability

On Tue, 09 Nov 2004 19:40:08 +, CÃsar Renà Vega GarcÃa <[EMAIL PROTECTED]> wrote: > > > > > :Hotmail & Passport (.NET Accounts) Vulnerability > > There is a very serious and stupid vulnerability or badcoding in Hotmail / > PassportÃââs (.NET > Accounts) > > I tried sending emails several

Re: [Full-Disclosure] Full-Disclosure] Hotmail & Passport (.NET Accounts) Vulnerability

The last time I called Microsoft and tryed to report a security hole I was greeted by 1 moron, transfered to another who asked for $75 and then when I refused and asked to speak to his supervisor, he suggested that I use their security report web page... I wouldn't reccomend the phone route to