Vulnerability Development mailing list archives
Re: Netaddress and amexmail
From: fabio () TELEMAIL IT (Fabio Pietrosanti)
Date: Thu, 27 Apr 2000 09:10:39 +0200
Does you know the existance of cookie ? :) NaiF On Tue, 25 Apr 2000, Arturo Busleiman wrote:
Hi people. I've been using NetAdress and AmexMail (actually, the same company) for a couple of years now. I have one account in each one. Well, the point is that today I decided to play a little: I logged into my AmexMail account. After a successfull login you are redirected to http://www.amexmail.com/tpl/Door/SomeUniqueID/Welcome Ok, I opened a second browser and cut&pasted that into this new browser window, BUT changing amexmail by netaddress. Results? I had my account opened in two different browser windows, with the small difference that the sessions were different. In one I had the amexmail user interface, and in the other I had the netaddress user interface. I had no friends online at that moment to send'em the URL to see if they could login without supplying the password. Ok, I now this is kind of stupid, but who knows? Bye *> Get PGP KEY: use pgpk -a hkp://horowitz.surfnet.nl/buanzox () usa net *> Lista social de mail. Envia e-mail en blanco a lsb-subscribe () egroups com *> Panic? My kernel doesn't panic! We are doomed! DustDustDust!!!!
Current thread:
- Re: Securax Security Advisory: Windows98 contains a seriousbuffer overflow with long filenameextensions. LiGHTNiNG (Apr 24)
- Re: Securax Security Advisory: Windows98 contains a seriousbufferoverflow with long filenameextensions. Markus Kern (Apr 25)
- <Possible follow-ups>
- Re: Securax Security Advisory: Windows98 contains a seriousbuffer overflow with long filenameextensions. Schockaert, Rudy (Apr 24)
- Netaddress and amexmail Arturo Busleiman (Apr 25)
- Re: Netaddress and amexmail Fabio Pietrosanti (Apr 27)
- Re: Netaddress and amexmail Blue Boar (Apr 27)
- Re: Netaddress and amexmail Marc Slemko (Apr 28)
- Re: Netaddress and amexmail Arturo Busleiman (Apr 28)
- Netaddress and amexmail Arturo Busleiman (Apr 25)
- Re: Netaddress and amexmail Stone (Apr 27)
- Exploit Ease Level Rory Savage (Apr 25)
- Re: Exploit Ease Level Max Vision (Apr 26)
- Re: Exploit Ease Level Rory Savage (Apr 28)
- Using php to bounce scan Thiebaut (Apr 28)
- Re: Using php to bounce scan Omachonu Ogali (Apr 28)
- Re: Using php to bounce scan Thiebaut (Apr 30)