[bugs] [Bug 696] Changed - IMP file read vulnerability

Brent J. Nordquist bjn@horde.org
Fri, 6 Jul 2001 10:04:38 -0500 (CDT)

Previous message: [dev] Re: [imp] Re: [dev] notifications and recurring tasks for NAG
Next message: [dev] Re: [imp] Re: [dev] notifications and recurring tasks for NAG
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

A post came across bugtraq last night saying almost exactly the same thing
about Cobalt Qube webmail... wonder if that was the motivation for
checking and reporting this one against IMP.  :-)  Anyone know what the
Qube is using for webmail?  (It's clearly PHP-based, from the listed
path.)

-- 
Brent J. Nordquist <bjn@horde.org> N0BJN
Yahoo!: Brent_Nordquist / AIM: BrentJNordquist / ICQ: 76158942



>From janmailing@gmx.de Date: Fri,  6 Jul 2001 15:03:08 +0000
Return-Path: <janmailing@gmx.de>
Mailing-List: contact dev-help@lists.horde.org; run by ezmlm
Delivered-To: mailing list dev@lists.horde.org
Received: (qmail 86309 invoked from network); 6 Jul 2001 15:07:10 -0000
Received: from mailout06.sul.t-online.com (HELO mailout06.sul.t-online.de) (194.25.134.19)
  by horde.org with SMTP; 6 Jul 2001 15:07:10 -0000
Received: from fwd05.sul.t-online.de 
	by mailout06.sul.t-online.de with smtp 
	id 15IXCH-0005Tf-02; Fri, 06 Jul 2001 17:07:09 +0200
Received: from linux.wg.de (320034214675-0001@[217.80.111.105]) by fmrl05.sul.t-online.com
	with esmtp id 15IXC3-1Ye8jwC; Fri, 6 Jul 2001 17:06:55 +0200
Received: from localhost (localhost [127.0.0.1])
	by linux.wg.de (8.11.0/8.11.0/SuSE Linux 8.11.0-0.4) with ESMTP id f66F39R25602
	for <dev@lists.horde.org>; Fri, 6 Jul 2001 17:03:09 +0200
Received: from 192.168.60.1 ( [192.168.60.1])
	as user jan@mail.wg.de by linux.wg.de with HTTP;
	Fri,  6 Jul 2001 15:03:08 +0000
Message-ID: <994431788.3b45d32ca8822@linux.wg.de>
Date: Fri,  6 Jul 2001 15:03:08 +0000
From: Jan Schneider <janmailing@gmx.de>
To: dev@lists.horde.org
MIME-Version: 1.0
Content-Type: text/plain
Content-Transfer-Encoding: 8bit
User-Agent: Internet Messaging Program (IMP) 2.3.7-cvs
X-Sender: 320034214675-0001@t-dialin.net
Subject: Re: [dev] jonah/backend.php authentication

One of mankinds great mysteries that will never be solved! :-)

Zitat von Chuck Hagenbuch <chuck@horde.org>:

> Quoting Jan Schneider <janmailing@gmx.de>:
>
> > Seems like authentication didn't work until now! ;-)
>
> I didn't change anything there... unless you cleaned up a conf file or
> something...? *shrug*
>
> -chuck
>
> --
> Charles Hagenbuch, <chuck@horde.org>
> Some fallen angels have their good reasons.
>
> --
> Horde Developers mailing list: http://horde.org/
> Frequently Asked Questions: http://horde.org/faq/
> To unsubscribe, mail: dev-unsubscribe@lists.horde.org
>
>


::::::::::::::::::::::::::::::::::::::::
AMMMa AG - discover your knowledge
:::::::::::::::::::::::::::
Detmolder Str. 25-33 :: D-33604 Bielefeld
fon +49.521.96878-0 :: fax  +49.521.96878-20
http://www.ammma.de
::::::::::::::::::::::::::::::::::::::::::::::

Previous message: [dev] Re: [imp] Re: [dev] notifications and recurring tasks for NAG
Next message: [dev] Re: [imp] Re: [dev] notifications and recurring tasks for NAG
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]