Bugtraq mailing list archives
Webmail.bellsouth.net security problems
From: wiseleo () BEST COM (Leonid S. Knyshov)
Date: Tue, 25 Aug 1998 15:39:11 -0700
Dear Bugtraq readers and security at Bellsouth Upon examining my log files, I came across an interesting fact. Background: As part of my Internet marketing efforts, I read web log files daily to see if anything interesting comes up. Just today I was reading my logs this way: grep welcome.html access.log And among others there was this entry: *.*.*.* - - [25/Aug/1998:07:28:02 -0700] "GET /welcome.html HTTP/1.0" 20 0 4427 "http://webmail.bellsouth.net/WebEmail?FormName=ReadMail&WebMail-Action=W ebMail-MessageContent&WebMail-MsgNdx=3&WebMail-St=&WebMail-MailBox=INBOX&SEQ=Xnn -43_tE0_PB9GePBFs8txjXohB-IdE&WebMail-MsgCount=69&locale=en&ver=2.0.0&dyn=" "Moz illa/3.02Gold (WinNT; I)" Naturally that sparked my interest, so I went to that exact same URL. I was greeted with a message that 2 hours passed and I am logged off, but that's not a good thing. Concerns: Bellsouth.net webmail customers accounts may be easily abused Investigation: Just created an account to check out features, POP3 access without additional authentication I presume Oh my God... There is a tab "Personal Info" *gasp*... Address, phone number, place of work, etc. Obviously this is unacceptable. Incredibly easy to bypass security. One attack would be: to: unsuspecting_user () webmail bellsouth net subject: check out my site! Hey buddy, check out my site! http://www.crashproofpc.com If they click they send me their UNLOCKED mailibox location via HTTP_REFERER, and if I have access to log files, I can easily get into that account and cause a great deal of trouble. I won't go into any further details :) -- Leonid S. Knyshov Information Technology Consultant Crashproof Solutions - "Keeping true to our name!" http://www.crashproofpc.com
Current thread:
- Serious Security Hole in Hotmail Tom Cervenka (Aug 24)
- Re: Serious Security Hole in Hotmail Jeff Mcadams (Aug 25)
- Re: Serious Security Hole in Hotmail Jonathan A. Zdziarski - Systems Administrator (Aug 25)
- Webmail.bellsouth.net security problems Leonid S. Knyshov (Aug 25)
- Re: Webmail.bellsouth.net security problems Marc Slemko (Aug 25)
- Re: Webmail.bellsouth.net security problems Edward S. Marshall (Aug 25)
- Re: Webmail.bellsouth.net security problems Kragen (Aug 25)
- [paul () boehm org: [cert-advisory () cert org: CERT Summary CS-98.07]] Paul Boehm (Aug 26)
- [djb () redhat com: Unidentified subject!] Paul Boehm (Aug 26)
- SV: Serious Security Hole in Hotmail Jonathan James (Aug 26)
- Re: Webmail.bellsouth.net security problems Joe (Aug 28)
- [SECURITY] Seyon is vulnerable to a root exploit Martin Schulze (Aug 28)
- Update on Linux unfsd Olaf Kirch (Aug 29)
- Buffer overflows in Minicom 1.80.1 Eduardo Navarro (Aug 29)
- Re: Serious Security Hole in Hotmail Jeff Mcadams (Aug 25)