dcsimg
Linux Today: Linux News On Internet Time.




More on LinuxToday


ZDNet: EarthLink flaw exposes domains

Oct 18, 2000, 07:41 (0 Talkback[s])
(Other stories by Robert Lemos)

"A one-two punch of poor security left up to 81,000 domains hosted by Internet service provider EarthLink Inc. open to defacement and exploitation for at least a week, ZDNet News learned on Tuesday."

"The vulnerability resulted from a recently discovered flaw in an open-source e-commerce package combined with a misconfigured hosting server operated by EarthLink subsidiary MindSpring. As a result, files containing the encrypted passwords for 81,000 accounts were readable by any Web browser."

"White-hat hacker and security expert Rain Forest Puppy said the extent of the security breach would rely on how MindSpring and its parent company EarthLink had configured its servers."

Complete Story

Related Stories: