[35577] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Brightmail leaks other user's spam

daemon@ATHENA.MIT.EDU (Thomas Springer)
Fri Jul 2 21:29:11 2004

Message-ID: <40E40F7C.8060207@gmx.net>
Date: Thu, 01 Jul 2004 15:19:56 +0200
From: Thomas Springer <tuevsec@gmx.net>
MIME-Version: 1.0
To: BUGTRAQ@securityfocus.com
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit

Brightmail Spamfilter 6.0 offer a possibility to manage mails 
identified as spam in a http-driven "control-center" on the 
Brightmail-Server via links like
http://SERVER:41080/brightmail/quarantine/viewMsgDetails.do?id=QMsgView-3;3-0

Simply altering the last numbers in the URL (3;3 to 4;4, eg.) shows 
other domain-users Spam-Mail without any authentication.

Confirmed with Version 6.0.0.100 and previous beta-versions.

Brightmails support is aware of the problem, but didn't bother to 
confirm the problem in the 6.0 final.

Thomas Springer
--
Nach mir der Synflood.


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[35577] in bugtraq

Brightmail leaks other user's spam

daemon@ATHENA.MIT.EDU (Thomas Springer)Fri Jul 2 21:29:11 2004

daemon@ATHENA.MIT.EDU (Thomas Springer)
Fri Jul 2 21:29:11 2004