Bugtraq mailing list archives
Another web-based mail reader hole
From: dave () VICTIM COM (Dave Pifke)
Date: Mon, 18 Jan 1999 15:24:09 -0800
-----BEGIN PGP SIGNED MESSAGE----- This bug has been fixed in most webmail clients for quite some time now, but I guess some people just don't see security as a design priority. The free, web-based mail client at www.angelfire.com passes authentication data in the URL. So your authentication token hapilly gets logged if you use a proxy server or follow a link in a mail message (via the HTTP referrer header). Without really bothering to look deeper, it's quite likely that the web page editor at the same site uses the same authentication token or is susceptible to the same bug. - -- Dave Pifke, dave () victim com -----BEGIN PGP SIGNATURE----- Version: 2.6.2 iQCVAwUBNqPCnDuW2fOIQC3pAQHHvAP/YNBorT+DzITci/LygFmwq/2uc16Ok3rf yyYv1YwwyAc1xVPjqE4sd74UIRTUQWX/Bsqdx0jMEo0ujJF1nPgDOx2AADAG4Gq6 06JAsNoqCQizlOQ9c4anbQE1YqwfMdFA7MAx/gKGqbagyGfd6YKSUyH8hCSHUnlr LWNkNKwpquY= =9boA -----END PGP SIGNATURE-----
Current thread:
- Re: Sendmail 8.8.x/8.9.x bugware, (continued)
- Re: Sendmail 8.8.x/8.9.x bugware Michal Zalewski (Dec 12)
- Re: Sendmail 8.8.x/8.9.x bugware Frank Louwers (Jan 18)
- Win95/98 SMB Authentication Vulnerability (fwd) tschweik () FIDUCIA DE (Jan 18)
- [SECURITY] ftpwatch package has major security problems Jamie Fifield (Jan 17)
- Michal's report and sendmail-8.9.2 GvS (Jan 18)
- Re: Sendmail 8.8.x/8.9.x bugware Michal Zalewski (Dec 12)
- Re: Sendmail 8.8.x/8.9.x bugware Jens Hoffmann (Jan 16)
- Re: Sendmail 8.8.x/8.9.x bugware Alan Brown (Jan 17)
- Re: Sendmail 8.8.x/8.9.x bugware John Mizzi (Jan 17)
- Personal web server kiborg (Jan 17)
- Re: Personal web server Dave Pifke (Jan 18)
- Another web-based mail reader hole Dave Pifke (Jan 18)
- Re: Another web-based mail reader hole Peter van Dijk (Jan 19)
- Personal web server kiborg (Jan 17)
- Re: Sendmail 8.8.x/8.9.x bugware Michal Zalewski (Jan 18)
- Re: Sendmail 8.8.x/8.9.x bugware Nic Bellamy (Jan 19)
- NetBSD Security Advisory 1999-001: select(2)/accept(2) race Luke Mewburn (Jan 20)
- Re: NetBSD Security Advisory 1999-001: select(2)/accept(2) race Alan Cox (Jan 23)
- Mirc 5.5 'DCC Server' hole Spikeman (Jan 24)
- Re: Mirc 5.5 'DCC Server' hole Sandro Jurado (Jan 26)
- Re: NetBSD Security Advisory 1999-001: select(2)/accept(2) race Casper Dik (Jan 25)
- Announcement: Wietse's FTP site has moved Wietse Venema (Jan 25)
- Re: NetBSD Security Advisory 1999-001: select(2)/accept(2) race Alan Cox (Jan 23)