[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] Security Issues with Openwebmail
- Subject: Re: [cobalt-security] Security Issues with Openwebmail
- From: Menno M Jansz <lists@xxxxxxxxx>
- Date: Thu, 29 Aug 2002 13:19:25 +0100
- Organization: Jansz.com
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
29/08/2002 10:29:54, "Davide Crudo" <dcrudo@xxxxxxxxxxxxx> wrote:
>Has Anyone notice the following?
>
>1) Log-in to openwebmail with www.site1.com/webmail/
>and authenticate with a user belonging to the website 1. (i.e. USER1)
>
>2) Now Log-in again to openwebmail with www.site1.com/webmail/
>BUT this time with a user belonging to another website.(i.e. USER2)
>
>Suprise! User 2 sees the emails belonging to User 1!
>
>
>Regards,
>
>Dave.
>
I tried it but it didnt do that for me. I just get an incorrect password message when I try step 2.
Regards,
Menno
________________________________________________________________________
This email has been scanned for all viruses by the MessageLabs SkyScan
service. For more information on a proactive anti-virus service working
around the clock, around the globe, visit http://www.messagelabs.com
________________________________________________________________________