@stake Advisory: SiteMinder Access Control Bypass (A0911 00-1)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 @stake Inc. www.atstake.com Security Advisory Advisory Name: SiteMinder Access Control Bypass A091100-1 Release Date: 09/11/2000 Application: Netegrity SiteMinder 3.6, 4.0 Platform: Solaris 2.x, Windows NT Severity: Access control mechanism can be...

iMailv5.txt

0oooop / Six Toed / Security Advisory Date: 2000, 03/01 Affected Software: iMail Server 5.0 Platform: Windows NT 4.0 SP 6a Problem A malicous user can read and send emails as any other user on the system. How The issue lies in how iMail handles the creating of new email accounts, and how it store...