Vulnerability Development mailing list archives
Re: Netaddress and amexmail
From: jrvela () YAHOO COM (Jose Romeo Vela)
Date: Thu, 27 Apr 2000 08:05:05 -0700
It sounds like both interfaces use the same http cookies. Had you sent the URL to your friends they would have not been able to login becuase they would have had the cookies. --- Arturo Busleiman <buanzox () USA NET> wrote:
Hi people. I've been using NetAdress and AmexMail (actually, the same company) for a couple of years now. I have one account in each one. Well, the point is that today I decided to play a little: I logged into my AmexMail account. After a successfull login you are redirected to http://www.amexmail.com/tpl/Door/SomeUniqueID/Welcome Ok, I opened a second browser and cut&pasted that into this new browser window, BUT changing amexmail by netaddress. Results? I had my account opened in two different browser windows, with the small difference that the sessions were different. In one I had the amexmail user interface, and in the other I had the netaddress user interface. I had no friends online at that moment to send'em the URL to see if they could login without supplying the password. Ok, I now this is kind of stupid, but who knows? Bye *> Get PGP KEY: use pgpk -a hkp://horowitz.surfnet.nl/buanzox () usa net *> Lista social de mail. Envia e-mail en blanco a lsb-subscribe () egroups com *> Panic? My kernel doesn't panic! We are doomed! DustDustDust!!!!
===== Regards. Jose Romeo Vela http://www.geocities.com/yosemite/geyser/1286 jrvela () yahoo com __________________________________________________ Do You Yahoo!? Talk to your friends online and get email alerts with Yahoo! Messenger. http://im.yahoo.com/
Current thread:
- Re: Netaddress and amexmail Robert Collins (Mar 27)
- <Possible follow-ups>
- Re: Netaddress and amexmail Jose Romeo Vela (Apr 27)
- Re: Netaddress and amexmail Arturo Busleiman (Apr 27)