It's OK. It's Friday. All of our brains are fried by now. :)

John Tolmachoff
IT Manager, Network Engineer
RelianceSoft, Inc.
Fullerton, CA 92835
www.reliancesoft.com

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]] On Behalf Of Rick Leske
Sent: Friday, June 14, 2002 6:05 PM
To: [EMAIL PROTECTED]
Subject: Re: [IMail Forum] Possible security flaw

Ok, what duh?.. I'm a little slow here.. "where is this check box" at and do I check it to plug up this hole or leave it unchecked?

Is it in the 7.1 IMail Web Messaging.. Ignore source address in security check? that box? Looks like a hack for AOL ....~~~shreek...gasp~~ ugh.. then I discovered it's in the calendar area too!?!

tia,
~Rick

John Tolmachoff wrote:

> I had previously had a user that Ipswitch said to have him connect, to
> uncheck that box to allow him to connect being that he was on Starband.
>
> Now that this has been confirmed to be a security hole, I am checking
> that box and resubmitting this incident to Ipswitch.
>
> They better come up with a fix soon.
>
> John Tolmachoff
> IT Manager, Network Engineer
> RelianceSoft, Inc.
> Fullerton, CA 92835
> www.reliancesoft.com
>
> -----Original Message-----
> From: [EMAIL PROTECTED]
> [mailto:[EMAIL PROTECTED]] On Behalf Of Stein Langlie
> Sent: Friday, June 14, 2002 9:11 AM
> To: [EMAIL PROTECTED]
> Subject: Re: [IMail Forum] Possible security flaw
>
> I have replicated this issue. This is exactly the type of scenario that
> I am concerned about. The referrer the guy was talking about was put
> into his web log because someone was in your webmail and clicked on a
> link. Since the person was still logged in (and you have "check source
> ip" unchecked) the iMail url the user was at could be used to enter that
> user's e-mail session. Scary stuff.
>
> I don't want to alienate AOL users or other users who have ip address
> changes from page to page - but perhaps I shouldn't worry about them and
> just check the magic "check source ip" box. Fortunately, the potential
> for abuse lies primarily with network admins (the good guys), and not
> spammers (bad guys).
>
> Cheers,
> Stein Langlie
>
> ---------- Original Message ----------------------------------
> From: "florida.com" <[EMAIL PROTECTED]>
> Reply-To: [EMAIL PROTECTED]
> Date: Fri, 14 Jun 2002 09:50:57 -0400
>
>>Just got this email from a guy: ( see below)
>>
>>I could not reproduce as I don't have same software on my server to
>>readily access my referrers.
>>Maybe someone can reproduce this?
>>
>>----------------------------------------------------------------------
>>
>>>Dear Sir,
>>>
>>>When checking the incoming referrers from my website, I noticed that I
>>>could get in one of your customers e-mail box:
>>>
>>>http://email.florida.com:8383/Xaf34c89b9bc9cfcc98e81bcf27/button.cgi
>>
>>(session expired already dk )
>>
>>Sincerely,
>>
>>David Kaleky
>>
>>www.Florida.com
>>www.AtlanticCity.com
>>www.Moshiach.com
>>
>>Tel: 561-995-1656
>>FAX: 425-799-5963
>>
>>PS. Great Hotel and Condo Deals *WorldWide* are found at
>>http://www.FLORIDA.com

___________________________________________________________________
Virus Scanned and Filtered by http://www.FamHost.com E-Mail System.

Please visit http://www.ipswitch.com/support/mailing-lists.html to be removed from this list.
An Archive of this list is available at: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Please visit the Knowledge Base for answers to frequently asked questions: http://www.ipswitch.com/support/IMail/
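
Added example, not part of the thread and not Ipswitch code: a toy Python model of the behaviour Stein Langlie describes, where the session id is a path segment of the webmail URL and therefore travels in the Referer header to any site the user clicks through to. The class, the `bind_to_source_ip` option, the host name and the IP addresses are all constructed for illustration; only the URL shape is taken from the message quoted above.

```python
import re
import secrets
from urllib.parse import urlsplit

# Session id as the first path segment, modelled on the URL quoted in the
# thread (http://host:8383/X<hex>/button.cgi). Token format is an assumption.
SESSION_PATH = re.compile(r"^/(X[0-9a-f]{16,})/")


class WebmailSessions:
    """Toy session table. bind_to_source_ip is a hypothetical name for the
    source-address check the thread discusses, not a real IMail setting."""

    def __init__(self, bind_to_source_ip):
        self.bind_to_source_ip = bind_to_source_ip
        self._sessions = {}  # token -> (user, client IP seen at login)

    def login(self, user, client_ip):
        token = "X" + secrets.token_hex(13)
        self._sessions[token] = (user, client_ip)
        # Every page the user then visits carries the token in its URL.
        return f"http://mail.example.test:8383/{token}/button.cgi"

    def authorize(self, url, client_ip):
        """Return the mailbox this request is served as, or None if refused."""
        m = SESSION_PATH.match(urlsplit(url).path)
        if not m or m.group(1) not in self._sessions:
            return None
        user, login_ip = self._sessions[m.group(1)]
        if self.bind_to_source_ip and client_ip != login_ip:
            return None  # same token, different source address
        return user


def demo(bind_to_source_ip):
    srv = WebmailSessions(bind_to_source_ip)
    page = srv.login("alice", "192.0.2.10")  # constructed user and address
    # Clicking an external link sends `page` as the Referer, so the same
    # string ends up in the other site's web log.
    referer_in_foreign_log = page
    return {
        "owner": srv.authorize(page, "192.0.2.10"),
        "other_ip": srv.authorize(referer_in_foreign_log, "198.51.100.7"),
        # Owner whose address changes between requests (the AOL/Starband case)
        "roaming_owner": srv.authorize(page, "192.0.2.99"),
    }


if __name__ == "__main__":
    print("check off:", demo(False))
    print("check on: ", demo(True))
```

With the check off, every request carrying the token is served as the mailbox owner; with it on, the logged URL is refused from another address, and so is the legitimate user whose address changed mid-session, which is the trade-off weighed in the thread.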
