---------- Forwarded message ---------- Date: 13 Dec 1999 03:23:39 -0000 From: roxenat_private To: suggestionsat_private Subject: Link Suggestion Link Name: Privacy hole in Go Express Search Link URL: http://www.mobileunit.org/advisories/001/ Description: Disney's Go Express Search operates an http server at port 1234 without authentication. Remote users can submit search queries, and view queries and personal links left by other users. It's possible to access the configuration interface, which can reveal the e-mail address of the user who registered it. Configuration settings can be changed remotely to, for instance, add, remove or alter personal links.
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:20:43 PDT