[23962] in bugtraq
Re: USPS Online Bill Pay - Cleartext Password Leakage (resolved)
daemon@ATHENA.MIT.EDU (Matthew Dent)
Wed Jan 23 14:02:24 2002
Message-ID: <20020123021901.7006.qmail@web11601.mail.yahoo.com>
Date: Tue, 22 Jan 2002 18:19:01 -0800 (PST)
From: Matthew Dent <dentm@yahoo.com>
To: bugtraq@securityfocus.com
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
The issue reported a couple of days ago regarding
password leakage on the USPS online bill payment
system has been resolved by USPS.
They are currently investigating why it had not come
to the attention of the appropriate people with my
first notification to them.
One point of clarification, Initial contact was made
with USPS on 1/3/2002, not 1/1/2002 as reported in the
original incident. The error in date was inadvertant
(6 point font is really hard to read when your eyes
are tired), but should still be noted.
Matthew Dent
__________________________________________________
Do You Yahoo!?
Send FREE video emails in Yahoo! Mail!
http://promo.yahoo.com/videomail/
