 AOL Journals BlogID Incrementing Discloses Account Names and Email Addresses
Category: Vulnerability
Posted: 2004-11-20 by ReCall
Summary
AOL Journals is basically "America Online's version of a blog (weblog) for AOL members/subscribers (excludes AIM users). It allows them to post messages by logging into the service or by sending an instant message to the screen name 'AOL Journals'".

A vulnerability in AOL Journals BlogID allows an attacker to increment the numbers provided to the program and enumerate a list of AOL members/subscribers and their corresponding e-mail addresses.


Details
The issue lies within the Atom/RSS feed option for users. Each journal has a link that lets users get an Atom or RSS feed for that weblog. The webpage that pops up containing the links to the feeds displays the full path to the user's feed, which includes their username (which is in turn their e-mail address). The link to that popup page, however, does not use the username in conjunction with the blog name. Instead it uses a BlogID number, which appears to simply be incremented as blogs are created.

Impact:
As a result, an attacker could increment through the numbers and obtain thousands of user e-mail addresses. This flaw is especially noteworthy due to the ease and speed with which an attacker could obtain the usernames. Also, the usernames and blog names could easily be traversed to gain information on the user that could be used in conjunction with targeted spam, among other things.

Example:
Here is an example of the URL:
http://journals.aol.com/_do/rss_popup?blogID=#

Obviously replace # with a number. The current/newest ID# is in excess of 700000. Some numbers will return an error (they no longer exist) or they will be for the same username. If a user chooses to create a new blog it will start a new BlogID.

Workaround:
Don't tie the BlogID feed into the Atom/RSS feeds.
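
On the detection side, a walk through incrementing BlogID values leaves a recognizable pattern in web server logs. The following is an added example, not part of the original advisory: it flags clients whose requests to the popup URL step through near-consecutive blogID values. The log format, sample lines, thresholds and function names are assumptions.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qs

# Constructed sample log lines (common log format, documentation-range addresses).
SAMPLE_LOG = """\
198.51.100.7 - - [20/Nov/2004:10:00:01 +0000] "GET /_do/rss_popup?blogID=1001 HTTP/1.1" 200 512
198.51.100.7 - - [20/Nov/2004:10:00:01 +0000] "GET /_do/rss_popup?blogID=1002 HTTP/1.1" 200 498
203.0.113.20 - - [20/Nov/2004:10:00:02 +0000] "GET /_do/rss_popup?blogID=52344 HTTP/1.1" 200 530
198.51.100.7 - - [20/Nov/2004:10:00:02 +0000] "GET /_do/rss_popup?blogID=1003 HTTP/1.1" 404 120
198.51.100.7 - - [20/Nov/2004:10:00:03 +0000] "GET /_do/rss_popup?blogID=1005 HTTP/1.1" 200 507
203.0.113.20 - - [20/Nov/2004:10:04:40 +0000] "GET /index.html HTTP/1.1" 200 2048
198.51.100.7 - - [20/Nov/2004:10:00:03 +0000] "GET /_do/rss_popup?blogID=1006 HTTP/1.1" 200 515
203.0.113.20 - - [20/Nov/2004:10:09:12 +0000] "GET /_do/rss_popup?blogID=1200 HTTP/1.1" 200 489
"""

REQUEST = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "GET (\S+) [^"]*"')

def blog_ids_by_client(log_text):
    """Map client address -> distinct blogID values, in the order first requested."""
    seen = defaultdict(list)
    for line in log_text.splitlines():
        m = REQUEST.match(line)
        if not m:
            continue
        client, target = m.groups()
        url = urlsplit(target)
        if url.path != "/_do/rss_popup":
            continue
        for value in parse_qs(url.query).get("blogID", []):
            if value.isdigit() and int(value) not in seen[client]:
                seen[client].append(int(value))
    return seen

def longest_step_run(ids, max_gap=3):
    """Longest run in which each ID exceeds the previous one by 1..max_gap."""
    best = run = 1 if ids else 0
    for prev, cur in zip(ids, ids[1:]):
        run = run + 1 if 0 < cur - prev <= max_gap else 1
        best = max(best, run)
    return best

def flag_enumerators(log_text, min_run=5):
    """Return {client: run_length} for clients stepping through blogID values."""
    runs = {c: longest_step_run(ids) for c, ids in blog_ids_by_client(log_text).items()}
    return {c: n for c, n in runs.items() if n >= min_run}

if __name__ == "__main__":
    print(flag_enumerators(SAMPLE_LOG))
```

The gap tolerance accounts for IDs that return an error or were skipped; error responses are counted too, since the advisory notes that some numbers no longer exist.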
 