Bugtraq mailing list archives
Security hole in mail2web web-based emailservice
From: patrick () PINE NL (Patrick Oonk)
Date: Mon, 17 Jan 2000 14:43:53 +0100
Hi,

My colleague Roy Froma was checking a httpd-log while debugging a web site script, and saw a strange-looking referer in the log. When he copied this URL to his browser, he was suddenly reading somebody else's mail. Apparently this person had clicked on a link to our site in his email.

The URL looked like this (wrapped for readability):

http://www.mail2web.com/cgi-bin/readmsg.asp?listdirection=-1
&listperpage=10&msgnumber=1&abc=VERYLONGSTRINGGOINGONFORAGES

After about five minutes the authentication expired, maybe due to the legitimate owner of the mail logging off from the service.

Mail2web seems to be some kind of pop-to-web gateway, offered by the webhosting service Softcom.

Nice quote from the Mail2web site:

"Mail2Web lets you to have control on your email without the hassle. Your activities are private and none of them are being recorded."

They have been notified.

Patrick

--
Patrick Oonk - PO1-6BONE - patrick () pine nl - www.pine.nl/~patrick
Pine Internet B.V. GOAT666-RIPE PGP key ID BE7497F1
Tel: +31-70-3111010 - Fax: +31-70-3111011 - http://www.pine.nl/
---- Pine Security Digest - http://security.nl/ (Dutch) ----
Excuse of the day: Your excuse is: The electricity substation in the car park blew up.
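The report above shows a session credential travelling in a URL and landing in a third party's access log via the Referer header. The following is an added example, not part of the original post: a scrubber a receiving site could run so such values are never kept in its logs. The Combined Log Format, the 16-character threshold, the `REDACTED` marker and the sample hosts are assumptions made for the illustration.

```python
import re
from urllib.parse import urlsplit, urlunsplit, parse_qsl, urlencode

# Combined Log Format: ... "request" status bytes "referer" "user-agent"
LOG_RE = re.compile(
    r'^(?P<head>.*? "[^"]*" \d{3} \S+ ")(?P<referer>[^"]*)(?P<tail>" "[^"]*")$'
)
MIN_TOKEN_LEN = 16  # assumption: query values this long are treated as credentials


def redact_referer(url, min_len=MIN_TOKEN_LEN):
    """Return (url_with_long_values_masked, names_of_masked_parameters)."""
    parts = urlsplit(url)
    masked, pairs = [], []
    for name, value in parse_qsl(parts.query, keep_blank_values=True):
        if len(value) >= min_len:
            masked.append(name)
            value = "REDACTED"
        pairs.append((name, value))
    return urlunsplit(parts._replace(query=urlencode(pairs))), masked


def scrub_line(line):
    """Mask credential-like Referer parameters in one access-log line."""
    m = LOG_RE.match(line)
    if not m or m.group("referer") in ("", "-"):
        return line, []
    clean, masked = redact_referer(m.group("referer"))
    return m.group("head") + clean + m.group("tail"), masked


# Constructed sample lines (hosts, addresses and the token are made up).
SAMPLE_LINES = [
    '192.0.2.10 - - [17/Jan/2000:14:00:00 +0100] "GET /index.html HTTP/1.0" 200 1234 '
    '"http://webmail.example/cgi-bin/readmsg.asp?listdirection=-1&listperpage=10'
    '&msgnumber=1&abc=' + "A" * 32 + '" "Mozilla/4.0"',
    '192.0.2.11 - - [17/Jan/2000:14:00:05 +0100] "GET / HTTP/1.0" 200 512 "-" "Mozilla/4.0"',
    '192.0.2.12 - - [17/Jan/2000:14:00:09 +0100] "GET / HTTP/1.0" 200 512 '
    '"http://search.example/?q=pine" "Mozilla/4.0"',
]

if __name__ == "__main__":
    for raw in SAMPLE_LINES:
        cleaned, masked = scrub_line(raw)
        print(cleaned, "| masked:", masked)
```

Scrubbing the log only limits what the receiving site retains; the service that issues the session still has to keep the identifier out of the URL for the leak to stop.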