EarthLink Open Source Flaw: 81,000 Domains Exposed to Defacement

A one-two punch of poor security left up to 81,000 domains hosted by Internet service provider EarthLink Inc. open to defacement and exploitation for at least a week, ZDNet News learned on Tuesday. The vulnerability resulted from a recently discovered flaw . . . A one-two punch of poor security left up to 81,000 domains hosted by Internet service provider EarthLink Inc. open to defacement and exploitation for at least a week, ZDNet News learned on Tuesday. The vulnerability resulted from a recently discovered flaw in an open-source e-commerce package combined with a misconfigured hosting server operated by EarthLink (Nasdaq: ELNK) subsidiary MindSpring. As a result, files containing the encrypted passwords for 81,000 accounts were readable by any Web browser.

The link for this article located at ZDNet is no longer available.