Security Issue in Icewarp

From: Huseyin Uslu (raistlinthewizat_private)
Date: Sat Feb 09 2002 - 09:46:42 PST


    Icewarp is one of the world's most used web mail software packages.
    It is another product of the Merak Mail developers.
    
    There is a security issue in Icewarp.
    
    It's like this:
    
    When you create a new user, Icewarp gives him a static number.
    If this user does not log out after checking his inbox, you can
    access his inbox.
    
    I wrote about this issue to the developers of Icewarp; they told me to
    increase the timeout value. In a standard installation the timeout value
    is very large by default.
    They said they are not thinking of using a cookie system.
    
    Here is how to use this issue:
    
    Let's say that our user's static number is 098d0f444ec627534540ac4f02f29fh7.
    If the user does not sign out and you get this
    098d0f444c627534540ac4f02f29fh7,
    you can access the inbox before it times out.
    
    http://anyicewarpusingsite.com/view.html?id=098d0f444c627534540ac4f02f29fh7
    
    This id never changes.
    
    How to get a users id?
    ----------------------
    You must have an email account on a host that uses Icewarp. Then you can
    send a mail directly to userat_private . Wait for the reply.
    If it comes, his id is in the links (answer, forward, ...).
    
    
    Also, we know that most users in general do not sign out.
    
    So I think that this is an important issue.
    
    Fix:
    In include.html find the default value 240 and make it lower. In a support
    message that came from Icewarp's developers, they said 240 could be in
    minutes!!
    
    Credits:
    Hüseyin Uslu,
    and my customer at the web host where I work.
    
    
    Notice:
    Hüseyin Uslu is not responsible for any usage of this security issue.
    The developers of this software have been informed.
    
    -------------------------
         Hüseyin Uslu
    
    
    
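The weakness in the post is a session identifier that is derived from the account, is identical on every login, travels in URLs (so it leaks through every link the user sends), and is only ever invalidated by a long idle timeout. The following is an added example, not Icewarp's code and not the author's: a small model of that design next to the standard fix (a fresh random token per login, a short idle timeout, an absolute lifetime, and invalidation on logout), with the post's two scenarios as functions. All class and function names are hypothetical, the clock is injected so the timeouts can be exercised without waiting, and reading the "default value 240" as minutes is an assumption taken from the post.

```python
"""Static per-user id vs. per-login random session token.

Added example, not Icewarp's code: models the class of weakness in the
post (an account-derived "id" that never changes and is only ever
invalidated by an idle timeout) next to the usual fix. All names are
hypothetical; time is an injected number of seconds, not the wall clock.
"""
import hashlib
import secrets
from dataclasses import dataclass
from typing import Dict, Optional

MINUTE = 60.0
STATIC_ID_TIMEOUT_MIN = 240   # the "default value 240", read as minutes (assumption)


@dataclass
class Session:
    user: str
    created: float      # seconds on the injected clock
    last_seen: float


class StaticIdWebmail:
    """Vulnerable model: the id is a hash of the account name, so it is the
    same on every login and is worth stealing once, not per session."""

    def __init__(self, timeout_min: float = STATIC_ID_TIMEOUT_MIN) -> None:
        self.timeout = timeout_min * MINUTE
        self.sessions: Dict[str, Session] = {}

    def login(self, user: str, now: float) -> str:
        sid = hashlib.md5(user.encode()).hexdigest()   # static, derived, not secret
        self.sessions[sid] = Session(user, now, now)
        return sid

    def view(self, sid: str, now: float) -> Optional[str]:
        s = self.sessions.get(sid)
        if s is None or now - s.last_seen > self.timeout:
            self.sessions.pop(sid, None)
            return None
        s.last_seen = now                   # every hit extends the window again
        return s.user

    def logout(self, sid: str) -> None:
        self.sessions.pop(sid, None)


class TokenWebmail:
    """Hardened model: random token per login, short idle timeout, absolute
    lifetime, and explicit invalidation on logout."""

    def __init__(self, idle_min: float = 15, absolute_min: float = 8 * 60) -> None:
        self.idle = idle_min * MINUTE
        self.absolute = absolute_min * MINUTE
        self.sessions: Dict[str, Session] = {}

    def login(self, user: str, now: float) -> str:
        token = secrets.token_urlsafe(32)   # 256 bits from the OS CSPRNG
        self.sessions[token] = Session(user, now, now)
        return token

    def view(self, token: str, now: float) -> Optional[str]:
        s = self.sessions.get(token)
        if (s is None or now - s.last_seen > self.idle
                or now - s.created > self.absolute):
            self.sessions.pop(token, None)
            return None
        s.last_seen = now
        return s.user

    def logout(self, token: str) -> None:
        self.sessions.pop(token, None)


def replay_after_walking_away(store, user: str, gap_min: float) -> Optional[str]:
    """The attack in the post: the victim logs in, does not log out, and
    gap_min minutes later an attacker replays the id from a leaked link.
    Returns the account the attacker gets into, or None if refused."""
    leaked_id = store.login(user, now=0.0)
    return store.view(leaked_id, now=gap_min * MINUTE)


def leaked_id_works_after_relogin(store, user: str) -> Optional[str]:
    """'This id never changes': the victim logs out and back in; does the
    id leaked from an earlier session still open the inbox?"""
    leaked_id = store.login(user, now=0.0)
    store.logout(leaked_id)
    store.login(user, now=1.0)
    return store.view(leaked_id, now=2.0)


if __name__ == "__main__":
    print("static id, 3h later   :", replay_after_walking_away(StaticIdWebmail(), "victim", 180))
    print("random token, 3h later:", replay_after_walking_away(TokenWebmail(), "victim", 180))
    print("static id after relogin   :", leaked_id_works_after_relogin(StaticIdWebmail(), "victim"))
    print("random token after relogin:", leaked_id_works_after_relogin(TokenWebmail(), "victim"))
```

Lowering the 240 only shrinks the replay window in the first model; the second scenario shows why the post's "this id never changes" is the deeper problem, since a leaked static id is reusable across every future login until the account is renamed, whereas a leaked random token dies with the session it belongs to.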



    This archive was generated by hypermail 2b30 : Sat Feb 09 2002 - 13:12:19 PST