Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

fulldisclosure logo Full Disclosure mailing list archives

AOL password issue
From: Michael Yandrischovitz <mike124 () gmail com>
Date: Wed, 12 Jan 2005 12:28:02 -0500
I recently discovered an interesting security issue with AOL 9.0SE
/AOL Messanger(suprise,suprise). If a user has an exsisting account
with AOL, and changes his or her account password, the old password
still works to log on to AIM. This lets the attacker access to all the
features of AIM, including webmail. I have only tested this with the
lastest versions of AOL and AIM.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

  By Date           By Thread  

Current thread:
  • AOL password issue Michael Yandrischovitz (Jan 12)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]