[9123] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Another web-based mail reader hole

daemon@ATHENA.MIT.EDU (Peter van Dijk)
Tue Jan 19 18:50:50 1999

Mail-Followup-To: BUGTRAQ@NETSPACE.ORG
Date: 	Tue, 19 Jan 1999 18:45:50 +0100
Reply-To: Peter van Dijk <peter@ATTIC.VUURWERK.NL>
From: Peter van Dijk <peter@ATTIC.VUURWERK.NL>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To:  <Pine.LNX.4.05.9901181512060.18921-100000@burn.victim.com>; from
              Dave Pifke on Mon, Jan 18, 1999 at 03:24:09PM -0800

On Mon, Jan 18, 1999 at 03:24:09PM -0800, Dave Pifke wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
>
> This bug has been fixed in most webmail clients for quite some time now,
> but I guess some people just don't see security as a design priority.
>
> The free, web-based mail client at www.angelfire.com passes authentication
> data in the URL.  So your authentication token hapilly gets logged if
> you use a proxy server or follow a link in a mail message (via the HTTP
> referrer header).

Actually, squid logs those requests upto the ? by default, removing the parameter
part.

Greetz, Peter.
--
<squeezer> AND I AM GONNA KILL MIKE                |          Peter van Dijk
<squeezer> hardbeat, als je nog nuchter bent:      | peter@attic.vuurwerk.nl
<squeezer>   @date = localtime(time);              |  realtime security d00d
<squeezer>   $date[5] += 2000 if ($date[5] < 37);  |
<squeezer>   $date[5] += 1900 if ($date[5] < 99);  |        * blah *


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[9123] in bugtraq

Re: Another web-based mail reader hole

daemon@ATHENA.MIT.EDU (Peter van Dijk)Tue Jan 19 18:50:50 1999

daemon@ATHENA.MIT.EDU (Peter van Dijk)
Tue Jan 19 18:50:50 1999