[bugs] [Bug 968] Changed - Important security issue in IMP 3.1 RC3
bugs@bugs.horde.org
bugs@bugs.horde.org
Wed, 5 Jun 2002 04:09:09 -0300
http://bugs.horde.org/show_bug.cgi?id=968
*** shadow/968 Wed Jun 5 01:22:12 2002
--- shadow/968.tmp.1618 Wed Jun 5 04:09:09 2002
***************
*** 32,34 ****
--- 32,50 ----
------- Additional Comments From chuck@horde.org 06/05/02 01:22 -------
*** Bug 971 has been marked as a duplicate of this bug. ***
+
+ ------- Additional Comments From cameron_green@hotmail.com 06/05/02 04:09 -------
+ Hi Jan,
+
+ To replicate the bug I entered #971, log in as yourself to any given IMP3
+ installation, (I just did a search on the web as the demo site is not working)
+ and logout straight away.
+ Then use the history in the browser to navigate to the mailbox.php file, you
+ will be able to see all of your own (or the previous logged in users) mail. It
+ is not even necessary as Aliet has said, to log in as another user.
+ Aliet is right though in saying this is critical.
+
+ It seems its not as easy to destroy a PHP session as just removing the cookie
+ and setting some values to null. If you still can't replicate it with my
+ instructions, you may have to enable trans-sid.
+
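Review bot: The reproduction steps in the 04:09 comment ("use the history in the browser to navigate to the mailbox.php file") do not say whether the mailbox page was re-requested from the server or displayed from the browser's cache, so the report as written cannot distinguish a session that survives logout from a cached page. It would help to record whether a forced reload of mailbox.php after logout still returns mail, and whether the session ID was carried in the cookie or in the URL, since the last paragraph says trans-sid may need to be enabled to reproduce it.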