[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-security] Security Issues with Openwebmail

Subject: Re: [cobalt-security] Security Issues with Openwebmail
From: Menno M Jansz <lists@xxxxxxxxx>
Date: Thu, 29 Aug 2002 13:19:25 +0100
Organization: Jansz.com
List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>

29/08/2002 10:29:54, "Davide Crudo" <dcrudo@xxxxxxxxxxxxx> wrote:

>Has Anyone notice the following?
>
>1) Log-in to openwebmail with www.site1.com/webmail/ 
>and authenticate with  a user belonging to the website 1. (i.e. USER1)
>
>2) Now Log-in again to openwebmail with www.site1.com/webmail/
>BUT this time with a user belonging to another website.(i.e. USER2)
>
>Suprise! User 2 sees the emails belonging to User 1! 
>
>
>Regards,
>
>Dave.
>

I tried it but it didnt do that for me. I just get an incorrect password message when I try step 2.

Regards,
Menno

________________________________________________________________________
This email has been scanned for all viruses by the MessageLabs SkyScan
service. For more information on a proactive anti-virus service working
around the clock, around the globe, visit http://www.messagelabs.com
________________________________________________________________________

References:
- [cobalt-security] Security Issues with Openwebmail
  - From: Davide Crudo

Prev by Date: [cobalt-security] Security Issues with Openwebmail
Next by Date: Re: [cobalt-security] Re: [cobalt-announce] <<< Software Remove Notification For Sun Cobalt RaQ 4 >>> [OT] [severely]
Previous by thread: [cobalt-security] Security Issues with Openwebmail
Next by thread: RE: [cobalt-security] sendmail

Sun Cobalt Security Message Index

Sun Cobalt Security Thread Index