[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-security] Security Issues with Openwebmail

Subject: [cobalt-security] Security Issues with Openwebmail
From: "Davide Crudo" <dcrudo@xxxxxxxxxxxxx>
Date: Thu, 29 Aug 2002 11:29:54 +0200
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

Has Anyone notice the following?

1) Log-in to openwebmail with www.site1.com/webmail/ 
and authenticate with  a user belonging to the website 1. (i.e. USER1)

2) Now Log-in again to openwebmail with www.site1.com/webmail/
BUT this time with a user belonging to another website.(i.e. USER2)

Suprise! User 2 sees the emails belonging to User 1! 


Regards,

Dave.

Follow-Ups:
- Re: [cobalt-security] Security Issues with Openwebmail
  - From: Menno M Jansz

References:
- [cobalt-security] Unwonted mail redirecting
  - From: Ilmars Knipshis

Prev by Date: Re: [cobalt-security] Re: [cobalt-announce] <<< Software Remove Notification For Sun Cobalt RaQ 4 >>> [OT] [severely]
Next by Date: Re: [cobalt-security] Security Issues with Openwebmail
Previous by thread: [cobalt-security] Unwonted mail redirecting
Next by thread: Re: [cobalt-security] Security Issues with Openwebmail

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index