Re: [Full-Disclosure] MSN fake login website

From: w g (xillwillx_at_yahoo.com)
Date: 06/03/03

  • Next message: Nick FitzGerald: "Re: [Full-Disclosure] MSN fake login website"
    To: full-disclosure@lists.netsys.com
    Date: Mon, 2 Jun 2003 18:31:46 -0700 (PDT)
    

    i put in my username and password and nothing happened...i think its broken .. i should mail microsoft and tell them about the bug

    "Elkhatib, Ahmad" <khatib@engin.umich.edu> wrote:
    Hello list,

    This is a lame attempt from someone to collect MSN passport passwords.
    Users on MSN Messenger have been sent this URL which asks you for your
    passport login.

    http://www.geocities.com/dna_cta/FreeMsn.Html

    This is sent to the user in the context of an upgrade to MSN8. When a
    user logs in the person harvests the users contact list and sends the
    url to everyone in the list of the victim.

    Just posted this incase you all haven't seen this yet. Sorry in advance
    if this has been posted before.

    I have also CC'ed geocities/yahoo about this.

    ./Ahmad

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html

    ---------------------------------
    Do you Yahoo!?
    Free online calendar with sync to Outlook(TM).
    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html


  • Next message: Nick FitzGerald: "Re: [Full-Disclosure] MSN fake login website"

    Relevant Pages

    • Re: [Full-disclosure] Filezillas silent caching of users credentials
      ... There has even been a bug filed that draws out great ways to psudo-mitigate ... Full-Disclosure - We believe in it. ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html ... Hosted and sponsored by Secunia - http://secunia.com/ ...
      (Full-Disclosure)
    • Re: [Full-disclosure] Filezillas silent caching of users credentials
      ... There has even been a bug filed that draws out great ways to psudo-mitigate ... Full-Disclosure - We believe in it. ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html ... Hosted and sponsored by Secunia - http://secunia.com/ ...
      (Full-Disclosure)
    • Re: [Full-disclosure] Facebook Attach EXE Vulnerability
      ... Nice bug, and, atleast you worked with them to reproduce, you realise ... Full-Disclosure - We believe in it. ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html ... Hosted and sponsored by Secunia - http://secunia.com/ ...
      (Full-Disclosure)
    • Re: [Full-disclosure] Filezillas silent caching of users credentials
      ... There has even been a bug filed that draws out great ways to psudo-mitigate ... Full-Disclosure - We believe in it. ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html ... Hosted and sponsored by Secunia - http://secunia.com/ ...
      (Full-Disclosure)
    • Re: [Full-disclosure] Filezillas silent caching of users credentials
      ... [Full-disclosure] Filezilla's silent caching of user's credentials ... I still see this a simple matter of violating KISS to introduce a layer of encryption. ... This bug is not being used to break into nuclear reactors in Iran, ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html ...
      (Full-Disclosure)