MSN Messenger Authentication DoS


Summary:


MSN Messenger does not validate user authentication when account logon fails, allowing attackers to cause the account of the victims to become temporarily suspended.



Details:


Any person can try to brute force a victim’s MSN messenger password, until MSN temporarily suspends the account. While the account is temporarily suspended, not even the real owner of the MSN Messenger Passport account can login (even if the correct password is used).



http://www.securiteam.com/windowsntfocus/6B00M20EKE.html

Leave a Reply