Bugtraq mailing list archives
address.com: email vulnerability
From: wannabe anonymousplease <i_wanna_be_anonymous () yahoo com>
Date: Tue, 8 Jan 2002 18:52:31 -0800 (PST)
www.address.com has a vulnerability that allows reading the email of other users. address.com offers, among other things, free email (similar to hotmail.com). However, the registration allows you to overwrite existing accounts. If it does, the password is overwritten, and the new user takes control of the account (the former user will no longer know the password). However, the emails of the former user remain. In attempting to ask address.com to look into this issue, I was told they couldn't help because I wasn't a premium member. __________________________________________________ Do You Yahoo!? Send FREE video emails in Yahoo! Mail! http://promo.yahoo.com/videomail/
Current thread:
- address.com: email vulnerability wannabe anonymousplease (Jan 10)
- <Possible follow-ups>
- RE: address.com: email vulnerability Robert Ellis (Jan 12)