Full Disclosure mailing list archives
Re: Security flaw in Full Disclosure mailing list
From: Eric G <eric () nixwizard net>
Date: Wed, 2 Apr 2014 14:39:13 -0400
When you sign up on the web page it explicitly tells you to not choose a good password because it will be emailed to you in plain text. Then it also tells you that if you leave the password field blank, an auto generated password will be emailed to you. I chose to leave the field blank and let it email me a randomly generated password. If some bad guy sniffed my smtp session and can administer my er, FD digest settings or whatever then so be it I guess. Just my two cents. Eric http://www.linkedin.com/in/ericgearhart On Apr 2, 2014 11:28 AM, "Nick Lindridge" <nick () ioncube com> wrote:
Hi Apologies if this has been pointed out before, hard to imagine that it hasn't really. When signing up for the list, I was surprised that it emailed back my password in plain text. Can this security flaw be addressed? Nick _______________________________________________ Sent through the Full Disclosure mailing list http://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
_______________________________________________ Sent through the Full Disclosure mailing list http://nmap.org/mailman/listinfo/fulldisclosure Web Archives & RSS: http://seclists.org/fulldisclosure/
Current thread:
- Security flaw in Full Disclosure mailing list Nick Lindridge (Apr 02)
- Re: Security flaw in Full Disclosure mailing list Ron (Apr 02)
- Re: Security flaw in Full Disclosure mailing list Fyodor (Apr 02)
- Re: Security flaw in Full Disclosure mailing list Reindl Harald (Apr 02)
- Re: Security flaw in Full Disclosure mailing list Eric G (Apr 02)
- Re: Security flaw in Full Disclosure mailing list Jimmy Crossley (Apr 02)
- Re: Security flaw in Full Disclosure mailing list Fyodor (Apr 02)
- Re: Security flaw in Full Disclosure mailing list Jim Popovitch (Apr 02)
- Re: Security flaw in Full Disclosure mailing list Ron (Apr 02)
- Re: Security flaw in Full Disclosure mailing list Jim Popovitch (Apr 02)
- Re: Security flaw in Full Disclosure mailing list Jeffrey Walton (Apr 02)
- Re: Security flaw in Full Disclosure mailing list George Chatzisofroniou (Apr 03)
- Re: Security flaw in Full Disclosure mailing list Fyodor (Apr 02)
- Re: Security flaw in Full Disclosure mailing list Michal Zalewski (Apr 02)
- Re: Security flaw in Full Disclosure mailing list Brandon Perry (Apr 02)
- Message not available
- Re: Security flaw in Full Disclosure mailing list Brandon Perry (Apr 02)