Full Disclosure mailing list archives

Re: Researchers Uncover 'Massive Security Flaws' In Amazon Cloud

From: Jeffrey Walton <noloader () gmail com>
Date: Sun, 6 Nov 2011 18:32:33 -0500

On Sun, Nov 6, 2011 at 6:27 PM, Ivan . <ivanhec () gmail com> wrote:

http://www.crn.com/news/cloud/231901911/researchers-uncover-massive-security-flaws-in-amazon-cloud.htm;jsessionid=kT0u8aBKblF5Y14-kIidtA**.ecappj03

"We had free access to all customer data, including authentication
data, tokens, and even plain text passwords," said RUB researcher
Mario Heiderich. "It's a chain reaction. A security gap in the complex
Amazon shop always also directly causes a gap in the Amazon cloud."

Its very alarming that the passwords are stored in the plain text. It
speaks volumes to their security posture and [lack of] abilities.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

Researchers Uncover 'Massive Security Flaws' In Amazon Cloud Ivan . (Nov 06)
- Re: Researchers Uncover 'Massive Security Flaws' In Amazon Cloud Jeffrey Walton (Nov 06)
  - Re: Researchers Uncover 'Massive Security Flaws' In Amazon Cloud xD 0x41 (Nov 06)