Full Disclosure mailing list archives
Re: Earthlink TotalAccess ActiveX Unsafe Methods Vulnerability
From: Michael Strutton <strutton () corp earthlink net>
Date: Fri, 26 Jan 2007 16:48:38 -0500
-------- Original Message -------- Subject: [Full-disclosure] Earthlink TotalAccess ActiveX Unsafe Methods Vulnerability Date: Fri, 26 Jan 2007 02:23:51 +0800 From: Ethan Hunt <m34r () hackermail com> To: full-disclosure () lists grok org uk Title: ------------------- Earthlink TotalAccess ActiveX Unsafe Methods Vulnerability
A number of teams at EarthLink have reviewed both this claim and our code. We have concluded that this exploit does not exist. While we can not go into the details of our proprietary code, we can confirm validation methods are in place that would prevent an outsider from gaining access to the spamBlocker whitelist via these APIs. Thanks, Michael Strutton Director Product Management, Client Software EarthLink _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Earthlink TotalAccess ActiveX Unsafe Methods Vulnerability Ethan Hunt (Jan 25)
- <Possible follow-ups>
- Re: Earthlink TotalAccess ActiveX Unsafe Methods Vulnerability Michael Strutton (Jan 26)