bigfoot-bellsouth-webmail.txt

1999-08-17T00:00:00
ID PACKETSTORM:12315
Type packetstorm
Reporter Packet Storm
Modified 1999-08-17T00:00:00

Description

                                        
                                            `Date: Fri, 8 Jan 1999 07:07:20 -0600  
From: "Madere, Russel" <rmadere@STEI.COM>  
To: BUGTRAQ@netspace.org  
Subject: Bigfoot/Bellsouth Webmail bug  
  
  
I seem to have found another "bug" with the Bigfoot/Bellsouth Webmail.  
Users can log back into the service from cached pages. This is a huge  
security hole, especially for users access these services from public  
terminals. Subsequent users can just use the back button to go back in the  
previous session history and log in as the previous user.  
  
Russel Madere, Jr.  
Stewart Enterprises, Inc.  
  
  
`