Re: PLAXO: is that a cure or a disease?

From: Rikk Carey (rikkSBCGLOBAL.NET)
Date: Mon Mar 15 2004 - 00:22:36 CST


Sunday, March 14, 2004

Plaxo has patched the vulnerability by correctly escaping reply
contents.

No damage was done besides the test account used. Theoretical damage
was limited to individuals that entered the email address of a malicious
party in their address book (i.e. narrow).

Thanks to the community for alerting us to this issue. In the future,
if you find a vulnerability, please send to us first (trustplaxo.com)
so that we have a chance to fix before publishing to bad guys.

Thanks again.

--
rikk carey
rikkplaxo.com
vp of engineering
plaxo, inc.
