RE: login yahoogroups.

From: Brenna Primrose (drxlecterat_private)
Date: Sat Jun 22 2002 - 10:20:33 PDT

  • Next message: Jedi/Sector One: "Another flaw in Apache?"

    Confirmed with Internet Explorer 6
    
    Login: absolut_contagion} - works
    Login: absolut_contagion+ - does not work
    Login: absolut_contagion' - works
    
    Confirmed with Mozilla 1.1a
    
    Login: absolut_contagion} - works
    Login: absolut_contagion+ - does not work
    Login: absolut_contagion' - works
    
    I was able to reproduce this on http://groups.yahoo.com - I will
    continue to investigate the limitations of the "junk" characters after
    the user name.  I will also see if this works on other parts of Yahoo of
    if it is limited to Groups.
    
    Brenna
    
    AIM - abosolut x psycho
    Yahoo! - absolut_contagion
    ICQ - 1363187
    MSN - r00tat_private
    http://gsa.creighton.edu
    http://profiles.yahoo.com/absolut_contagion
    -----BEGIN GEEK CODE BLOCK-----
    Version: 3.12
    GSS d-- s: a-- C++ UL++++ P+ L+ E W++ N+ o-- K- w+ 
    O-- M V-- PS++ PE Y+ PGP- t-- 5-- X++ R- tv+ b+++ DI D+ 
    G e* h- r++ x+ 
    ------END GEEK CODE BLOCK------
    
    -----Original Message-----
    From: Arturo "Buanzo" Busleiman [mailto:buanzoat_private] 
    Sent: Saturday, June 22, 2002 12:06 PM
    To: Alonso Caballero
    Cc: vuln-devat_private
    Subject: Re: login yahoogroups.
    
    On Sat, 22 Jun 2002, Alonso Caballero wrote:
    
    >   Saludos:
    Greetings, my RareGaZz TEAM Partner. How cool to meet you here.
    
    >   And after typed my password, and... for my surprise... I log in
    > succesfully to my yahoo account;
    
    Which Yahoo client are you using? Windows original? I mean, are you sure
    the password is not saved anywhere? Have you tried with other accounts?
    
    
    Has anyone been able to verify this?
    
    Arturo "Buanzo" Busleiman
    RareGaZz Team
    www.buanzo.com.ar
    



    This archive was generated by hypermail 2b30 : Sat Jun 22 2002 - 12:06:16 PDT