Re: [ISN] Excite in web mail hijack drama

From: InfoSec News (isnat_private)
Date: Mon Apr 01 2002 - 00:02:07 PST


    Forwarded from: Aj Effin Reznor <ajat_private>
    
    "InfoSec News was known to say....."
     
    > http://www.vnunet.com/News/1130317
    > 
    > By James Middleton [21-03-2002]
    > 
    > Security watchers have identified a vulnerability in the web mail
    > service of internet portal Excite that allows for the hijacking of a
    > user's account.
    > 
    > According to the experts, when a user logs in to their account through
    > Excite's web interface, the session is authenticated by a unique URL.
    > 
    > By sending an HTML email which includes an image based on another
    > server to the victim, an attacker can easily get the unique URL from
    > the referrer field in the HTTP header.
    
    This is hardly news, other than the size of impact that may be
    realized since this is Excite.
    
    I posted an almost identical advisory Oct. 30th 2001 to BugTraq,
    only it was in http://community.sierra.com/
    
    I suspect many, many sites and software packages are open to this type
    of vulnerability; people just need to look for them.
    
    It's easy, it's simple, and it's there.
    
    My original posting is at:
    http://online.securityfocus.com/archive/1/223799
    
    
    -aj.
    
    
    
    -
    ISN is currently hosted by Attrition.org
    
    To unsubscribe email majordomoat_private with 'unsubscribe isn' in the BODY
    of the mail.
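The mechanism the article describes (a session carried in the URL, leaked to a third-party host through the Referer header when the page embeds a remote image) can be modelled without any network traffic. The Python below is an added example and is not code from the ISN post, the vnunet article, or Excite; it applies the semantics of the modern Referrer-Policy values (which postdate 2002) to constructed URLs to show which policies keep a URL-borne token off the wire, and it includes a small audit over constructed access-log lines that flags requests whose URL carries a session-like parameter, the kind of thing a site owner would look for before any of it reaches a Referer field. All hostnames, the token value and the log lines are constructed.

```python
"""Referer leakage of URL-carried session tokens (added example, constructed data).

referer_for() returns the Referer value a browser would send when a page at
`page_url` loads a resource at `resource_url` under a given Referrer-Policy.
token_exposed() then checks whether a session token embedded in the page URL
ends up in that header. audit_access_log() scans access-log lines for request
URLs that carry session-like parameters, i.e. URLs that would leak this way.
"""
import re
from urllib.parse import parse_qs, urlsplit, urlunsplit

# Query-parameter names commonly used to carry a session identifier (assumed list).
SESSION_PARAMS = {"sid", "session", "sessionid", "token", "auth"}

# Combined log format: request line, status, size, then the Referer in quotes.
LOG_RE = re.compile(
    r'"(?P<method>[A-Z]+) (?P<url>\S+) HTTP/[\d.]+" \d{3} \S+ "(?P<referer>[^"]*)"'
)

# Constructed sample log: one inbox request with the session id in the URL,
# one static asset, one login POST with no query string.
SAMPLE_LOG = [
    '10.0.0.5 - - [21/Mar/2002:10:00:00 +0000] "GET /mail/inbox?sid=ab12cd34ef56 HTTP/1.1" 200 5120 "-" "Mozilla/4.0"',
    '10.0.0.7 - - [21/Mar/2002:10:00:03 +0000] "GET /static/logo.gif HTTP/1.1" 200 814 "https://mail.example.test/mail/inbox" "Mozilla/4.0"',
    '10.0.0.9 - - [21/Mar/2002:10:00:09 +0000] "POST /login HTTP/1.1" 302 0 "https://mail.example.test/" "Mozilla/4.0"',
]


def origin(url):
    """scheme://host[:port] of a URL, used for origin-only referrers."""
    parts = urlsplit(url)
    return f"{parts.scheme}://{parts.netloc}"


def referer_for(page_url, resource_url, policy="no-referrer-when-downgrade"):
    """Referer header value a browser would send, or None if it sends nothing."""
    page = urlsplit(page_url)
    res = urlsplit(resource_url)
    same_origin = origin(page_url) == origin(resource_url)
    downgrade = page.scheme == "https" and res.scheme == "http"
    # Browsers strip the fragment but keep path and query: this is where a
    # URL-carried session token travels.
    full = urlunsplit((page.scheme, page.netloc, page.path, page.query, ""))
    origin_only = origin(page_url) + "/"
    if policy == "no-referrer":
        return None
    if policy == "no-referrer-when-downgrade":  # legacy default behaviour
        return None if downgrade else full
    if policy == "origin":
        return origin_only
    if policy == "strict-origin":
        return None if downgrade else origin_only
    if policy == "same-origin":
        return full if same_origin else None
    if policy == "strict-origin-when-cross-origin":  # current browser default
        if downgrade:
            return None
        return full if same_origin else origin_only
    raise ValueError(f"unknown policy: {policy}")


def token_exposed(referer, token):
    """True if the session token is visible to whoever receives this Referer."""
    return referer is not None and token in referer


def session_params_in_url(url):
    """Names of session-like query parameters present in a request URL."""
    query = parse_qs(urlsplit(url).query)
    return sorted(k for k in query if k.lower() in SESSION_PARAMS)


def audit_access_log(lines):
    """(request_url, flagged_params) for every request served with a session-like parameter in its URL."""
    findings = []
    for line in lines:
        match = LOG_RE.search(line)
        if not match:
            continue
        params = session_params_in_url(match.group("url"))
        if params:
            findings.append((match.group("url"), params))
    return findings


if __name__ == "__main__":
    page = "https://mail.example.test/mail/inbox?sid=ab12cd34ef56"
    third_party = "https://img.example.test/pixel.gif"
    for policy in ("no-referrer-when-downgrade", "strict-origin-when-cross-origin", "no-referrer"):
        ref = referer_for(page, third_party, policy)
        print(f"{policy:32s} Referer={ref!r:60s} exposed={token_exposed(ref, 'ab12cd34ef56')}")
    print("URLs carrying session parameters:", audit_access_log(SAMPLE_LOG))
```

With the legacy default policy, an https page embedding an https image from another host sends the full page URL, token included; `strict-origin-when-cross-origin` or `no-referrer` sends only the origin or nothing. The more durable fix is the one the audit points at: keep the session identifier out of the URL altogether (a cookie scoped to the mail host), so there is nothing in the page URL for any Referer policy to leak.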
    