[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Full-Disclosure] RE: Hotmail & Passport (.NET Accounts) Vulnerability
- To: <full-disclosure@xxxxxxxxxxxxxxxx>
- Subject: [Full-Disclosure] RE: Hotmail & Passport (.NET Accounts) Vulnerability
- From: "Ihsan-ur-Rehman" <ihsan.rehman@xxxxxxxxxxxx>
- Date: Thu, 22 Apr 2004 15:28:07 +0500
Now finally the flaw seems to be corrected. Zone-H only concern was that
Muhammad Faisal Rauf Danka had written to Microsoft/Hotmail more that 10
mails from the 12th of April and he didn't receive any answer. Hotmail
has been vulnerable for all this time long. Now that the flaw has been
corrected, not a simple "THANK YOU" has been sent from Hotmail security
staff to Muhammad Faisal Rauf Danka.
As to say, don't complain too much then if whitehats are disappearing
from the world surface...
SyS64738 comment:
How much does it take to Hotmail or Microsoft to say a simple "thank
you" to the good MFRD that was constantly mailing them about this flaw
that could have led to a DISASTER for Hotmail customers? This is basic
education my two kids have already learned...
SyS64738 post comment: I finally received from Muhammad Faisal Rauf
Danka this message:
*******************
"I am now as a matter of fact happy that finally the issue has been
resolved Microsoft has contacted me. And things are in control."
*******************
So the story had a happy end, zone-h just hopes that the next time
Microsoft won't wait until the issue gets public in order to patch a
reported vulnerability/flaw.
Source = http://www.zone-h.org/en/news/read/id=2666/
Sincerely,
Ihsan Malik.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html