[5398] in bugtraq


Re: Security flaws in Yahoo Mail

daemon@ATHENA.MIT.EDU (Andrew Brown)
Wed Oct 15 00:41:43 1997

Errors-To: receipts@daemon.org
Date: 	Tue, 14 Oct 1997 23:34:39 -0400
Reply-To: Andrew Brown <codewarrior@daemon.org>
From: Andrew Brown <codewarrior@DAEMON.ORG>
X-To:         marcs@ZNEP.COM
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To:  <Pine.BSF.3.95.971013103246.27805C-100000@alive.znep.com> from
              "Marc Slemko" at Oct 13, 97 10:54:50 am

>I'm not particularly thrilled with Hotmail's setup either.  I am sure
>this must have been discussed before, but can't recall it so...
>
>From what I can tell, it authenticates you based on the URL you ask
>for (some user information is embedded in it; not the password though)
>and the IP address you are coming from.  I'm assuming there is some
>timeout on the IP address; hmm... looking further, perhaps not.  It may
>just keep the last used one.

heh heh.  i think this just "happened" to my web server.  i amuse
myself by reading the logs and wondering about most of the hits and
referrals.  then this one struck me:

        http://207.82.250.251/cgi-bin/getmsg?disk=207.82.250.103_d7&login=fofer&f=33795&curmbox=ilmrr&msg=MSG876680194.0&start=39557&len=913

i found it amusing.  so i dug a little deeper and concluded that it
was this hit in my access log.

        200.23.241.120 - - [12/Oct/1997:23:29:43 -0400] "GET / HTTP/1.0" 200 1717

now then, 200.23.241.120 maps to gdl1_b_120.uninet.net.mx (i have no
idea why it didn't two nights ago when my web server tried to look it
up), and 207.82.250.251 is an address for www.hotmail.com.

anyway, when i tried to access the url from the referers log, i got a
page that said:

        We're Sorry, We Cannot
        Process Your Request

        Reason:   Intrusion Logged. Access denied.

so apparently i'm an "intruder".  ooh!  i'm scared!

--
|-----< "CODE WARRIOR" >-----|
andrew@echonyc.com (TheMan)        * "ah!  i see you have the internet
codewarrior@daemon.org                               that goes *ping*!"
warfare@graffiti.com      * "information is power -- share the wealth."
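
As an added illustration (not part of Andrew's post, and not Hotmail's or Apache's code), here is a small Python scanner that automates what he did by hand: parse Apache combined-format access log lines and flag any referer whose query string carries identity- or session-like parameters, i.e. another site's login state leaking into your logs. The log lines are constructed for this example; the Hotmail-style referer copies only the parameter shape of the URL quoted above, with invented values, and the list of "sensitive" parameter names is an assumption.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Apache "combined" format:
#   host ident user [time] "request" status bytes "referer" "user-agent"
COMBINED_RE = re.compile(
    r'^(?P<host>\S+) \S+ \S+ \[(?P<time>[^\]]+)\] "(?P<request>[^"]*)" '
    r'(?P<status>\d{3}) (?P<size>\S+) "(?P<referer>[^"]*)" "(?P<agent>[^"]*)"$'
)

# Query-string parameter names that commonly carry identity or session state.
# This list is an assumption for the example; tune it to the sites you care about.
SENSITIVE_PARAMS = {
    "login", "user", "username", "session", "sessionid", "sid",
    "token", "auth", "passwd", "password",
}

# Constructed sample log lines (not from the post's server).  The first referer
# mimics the parameter layout of the Hotmail URL quoted in the post; the values
# are invented.
SAMPLE_LOG = """\
200.23.241.120 - - [12/Oct/1997:23:29:43 -0400] "GET / HTTP/1.0" 200 1717 "http://207.82.250.251/cgi-bin/getmsg?disk=10.0.0.9_d7&login=someuser&f=1&curmbox=inbox&msg=MSG1.0&start=0&len=1" "Mozilla/3.0 (X11; I; Linux)"
10.0.0.5 - - [12/Oct/1997:23:31:02 -0400] "GET /index.html HTTP/1.0" 200 1717 "http://www.example.org/links.html" "Mozilla/3.0"
10.0.0.6 - - [12/Oct/1997:23:32:10 -0400] "GET /robots.txt HTTP/1.0" 404 209 "-" "Lynx/2.7"
"""


def parse_combined(line):
    """Parse one combined-format line into a dict, or return None if it does not match."""
    m = COMBINED_RE.match(line.strip())
    return m.groupdict() if m else None


def sensitive_referer_params(referer):
    """Return (name, value) pairs from the referer's query string whose names look like identity/session state."""
    if not referer or referer == "-":
        return []
    query = urlsplit(referer).query
    return [(k, v) for k, v in parse_qsl(query, keep_blank_values=True)
            if k.lower() in SENSITIVE_PARAMS]


def find_leaked_sessions(log_text):
    """Scan log lines and report each request whose referer leaked credential-like parameters."""
    hits = []
    for line in log_text.splitlines():
        rec = parse_combined(line)
        if rec is None:
            continue  # skip lines in another format rather than guessing
        leaked = sensitive_referer_params(rec["referer"])
        if leaked:
            hits.append({
                "client": rec["host"],
                "time": rec["time"],
                "referer_host": urlsplit(rec["referer"]).netloc,
                "params": dict(leaked),
            })
    return hits


if __name__ == "__main__":
    for hit in find_leaked_sessions(SAMPLE_LOG):
        print(f"{hit['time']} client {hit['client']} arrived from {hit['referer_host']} "
              f"carrying {sorted(hit['params'])}")
```

The underlying point is the one the thread makes: whatever state a site puts in its URLs travels in the Referer header to every third-party server the user clicks through to, so session or identity material belongs in a cookie or header, not in the query string. (Modern browsers can additionally be told to withhold or trim the referer with a Referrer-Policy response header, but that is a mitigation on the receiving side, not a substitute for keeping credentials out of URLs.)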
