Yahoo's Zimbra e-mail program exposes passwords

Email Story Add to Any Facebook Stumbleupon
uploaded by RayBanBro66 September 29, 2008 at 05:23 pm
26 views | 0 comments | 0 recommendations
Yahoo's Zimbra e-mail program exposes passwords by RayBanBro66
Yahoo's Zimbra e-mail program exposes passwords

Source: news.cnet.com

Passwords used to access Yahoo mail through the Zimbra client are sent over the Internet in clear text, a Canadian programmer says.

Holden Karau stumbled upon this problem while participating in the Yahoo University Hack Day at the University of Waterloo last week.

"The Yahoo imap server's used by the Yahoo Desktop don't support SSL and the password was being transmitted in plain text," Karau wrote in a blog post on Friday.

"What does this mean for you? If you use Zimbra to access your Yahoo mail, you almost certainly need to change your password and stop using Zimbra immediately (especially if you've ever done so over wireless)," he writes.

Source: news.cnet.com

He notified Yahoo about the problem during his presentation, but no one seemed concerned, he wrote in a post on Zimbra Forums.

A Zimbra representative wrote in a different post in that forum thread: "This problem has already been addressed in code, and fix is in the next release."

A Yahoo spokeswoman said she would check into the matter.

Source: news.cnet.com

Tags: , , , , , , , , , , , , , , , , , , , ,
Photo Properties
NP! ID: 1747818
Title: Yahoo's Zimbra e-mail program exposes passwords
File Size: 593 × 124 – 82.4 KB

Created: Mon, 09/29/2008 - 5:23pm
Modified: Mon, 09/29/2008 - 5:24pm

File Type: image (jpeg)
Licence: Creative Commons: Attribution-NoDerivs

Comments (0)

This photo was created over 3 months ago, the comment thread is now closed.

closeSign in to NowPublic

Not a member?

JoinIt's free!

is reporting from
Member
NP Rank: