Vulnerability Development mailing list archives
Re: Netaddress and amexmail
From: robert.collins () ITDOMAIN COM AU (Robert Collins)
Date: Tue, 28 Mar 2000 16:59:15 +1000
It's my understanding that cookies can only be read by the same server that created them.. so if www.axemail.com creates a cookie, the www.netaddress.com server cannot read it. just my 20c Rob -----Original Message----- From: VULN-DEV List [mailto:VULN-DEV () SECURITYFOCUS COM]On Behalf Of Fabio Pietrosanti Sent: Thursday, 27 April 2000 5:11 PM To: VULN-DEV () SECURITYFOCUS COM Subject: Re: Netaddress and amexmail Does you know the existance of cookie ? :) NaiF On Tue, 25 Apr 2000, Arturo Busleiman wrote:
Hi people. I've been using NetAdress and AmexMail (actually, the same company)
for a
couple of years now. I have one account in each one. Well, the point is that today I decided to play a little: I logged into my AmexMail account. After a successfull login you are redirected to http://www.amexmail.com/tpl/Door/SomeUniqueID/Welcome Ok, I opened a second browser and cut&pasted that into this new
browser
window, BUT changing amexmail by netaddress. Results? I had my account opened in two different browser windows, with the
small
difference that the sessions were different. In one I had the amexmail user interface, and in the other I had the netaddress user interface. I had no friends online at that moment to send'em the URL to see if
they
could login without supplying the password. Ok, I now this is kind of stupid, but who knows? Bye *> Get PGP KEY: use pgpk -a hkp://horowitz.surfnet.nl/buanzox () usa net *> Lista social de mail. Envia e-mail en blanco a
lsb-subscribe () egroups com
*> Panic? My kernel doesn't panic! We are doomed! DustDustDust!!!!
<HR NOSHADE> <UL> <LI>application/x-pkcs7-signature attachment: smime.p7s </UL>
Current thread:
- Re: Netaddress and amexmail Robert Collins (Mar 27)
- <Possible follow-ups>
- Re: Netaddress and amexmail Jose Romeo Vela (Apr 27)
- Re: Netaddress and amexmail Arturo Busleiman (Apr 27)