I previously had a user for whom Ipswitch said to uncheck that box to allow him to connect, being that he was on Starband.
Now that this has been confirmed to be a security hole, I am checking that box and resubmitting this incident to Ipswitch. They better come up with a fix soon.

John Tolmachoff
IT Manager, Network Engineer
RelianceSoft, Inc.
Fullerton, CA 92835
www.reliancesoft.com

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Stein Langlie
Sent: Friday, June 14, 2002 9:11 AM
To: [EMAIL PROTECTED]
Subject: Re: [IMail Forum] Possible security flaw

I have replicated this issue. This is exactly the type of scenario that I am concerned about.

The referrer the guy was talking about was put into his web log because someone was in your webmail and clicked on a link. Since the person was still logged in (and you have "check source ip" unchecked) the iMail url the user was at could be used to enter that user's e-mail session. Scary stuff.

I don't want to alienate AOL users or other users who have IP address changes from page to page - but perhaps I shouldn't worry about them and just check the magic "check source ip" box.

Fortunately, the potential for abuse lies primarily with network admins (the good guys), and not spammers (bad guys).

Cheers,
Stein Langlie

---------- Original Message ----------------------------------
From: "florida.com" <[EMAIL PROTECTED]>
Reply-To: [EMAIL PROTECTED]
Date: Fri, 14 Jun 2002 09:50:57 -0400

>Just got this email from a guy: ( see below)
>
>I could not reproduce as I don't have same software on my server to
>readily access my referrers.
>Maybe someone can reproduce this?
>
>-----------------------------------------------------------------------
>
>>Dear Sir,
>
>>When checking the incoming referrers from my website, I noticed that I
>>could get in one of your customers e-mail box:
>
>>http://email.florida.com:8383/Xaf34c89b9bc9cfcc98e81bcf27/button.cgi
>
>(session expired already dk )
>
>
>Sincerely,
>
>David Kaleky
>
>www.Florida.com
>www.AtlanticCity.com
>www.Moshiach.com
>
>Tel: 561-995-1656
>FAX: 425-799-5963
>
>
>PS. Great Hotel and Condo Deals *WorldWide* are found at http://www.FLORIDA.com
>
>Please visit http://www.ipswitch.com/support/mailing-lists.html
>to be removed from this list.
>
>An Archive of this list is available at:
>http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
>
>Please visit the Knowledge Base for answers to frequently asked
>questions: http://www.ipswitch.com/support/IMail/
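
Added example, not part of the original thread and not Ipswitch's code: a small Python model of the trade-off discussed above, where a session token carried in the URL is either accepted from any address or bound to the address that logged in. The SessionStore class, its check_source_ip flag, the timeout and the addresses are hypothetical and constructed for illustration.

```python
import secrets
import time

class SessionStore:
    """Hypothetical webmail session table keyed by a token carried in the URL."""
    def __init__(self, check_source_ip, ttl_seconds=900):
        self.check_source_ip = check_source_ip
        self.ttl_seconds = ttl_seconds
        self._sessions = {}  # token -> (user, login_ip, expires_at)

    def login(self, user, source_ip, now=None):
        now = time.time() if now is None else now
        token = secrets.token_hex(16)  # unguessable, but still visible in the URL
        self._sessions[token] = (user, source_ip, now + self.ttl_seconds)
        return token

    def validate(self, token, source_ip, now=None):
        """Return the user for a request, or None if the request is rejected."""
        now = time.time() if now is None else now
        entry = self._sessions.get(token)
        if entry is None:
            return None
        user, login_ip, expires_at = entry
        if now >= expires_at:
            del self._sessions[token]  # expired: a logged URL no longer opens anything
            return None
        if self.check_source_ip and source_ip != login_ip:
            return None  # same token, different address: reject
        return user

def demo():
    """Constructed scenario using documentation-range addresses."""
    results = {}
    for flag in (False, True):
        store = SessionStore(check_source_ip=flag)
        token = store.login("alice", "192.0.2.10", now=0)
        results[flag] = {
            "same_ip": store.validate(token, "192.0.2.10", now=60),
            # URL taken from a third party's referrer log, requested from elsewhere
            "other_ip": store.validate(token, "198.51.100.7", now=60),
            # legitimate user behind a proxy pool whose address changed mid-session
            "roaming_user": store.validate(token, "192.0.2.99", now=60),
            "after_expiry": store.validate(token, "192.0.2.10", now=901),
        }
    return results

if __name__ == "__main__":
    print(demo())
```

With the check off, the token alone is enough from any address until it expires; with it on, the referrer-logged URL is refused, and so is the legitimate user whose address changes between pages.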
