Tag: Burp Suite

Frontier Password Reset Bug Leaves Accounts Vulnerable

Frontier Password Reset Bug Leaves Accounts Vulnerable

Security researcher Ryan Stevenson recently identified a flaw in internet and cable giant Frontier’s account password reset method that allowed attackers to gain access to an account with just a username or email address. Stevenson said that he used Burp Suite, a network intercept tool, and a test account to automatically send hundreds of six-digit access code iterations to the browser, one after the other. He was able to show that a correct code returned a bigger server response than the incorrect codes. A Frontier spokesperson said that they have temporarily shut down the functionality out of caution while the […]