i realize the author isn't a native english speaker, but this is ridiculous, to wit:


Package       : Sqwebmail
Vendor         : Inter7
Vulnerability  : access to private account without login, session
hijacking
Problem-Type   : remote
risk           : low

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^


"risk: low"

Version        : All the version seems to be affected.
Official Site  : http://www.inter7.com/sqwebmail/sqwebmail.html
N Advisories  : 0002

Example:
-------------------
MY STAT FOR MY WEBSITE - REFERENT DOMAIN
http://mailserver.society.com/cgi-bin/sqwebmail/login/mail%40server.org.authvchkpw/3247A0578D6F3E74F37A20FF37B52A1C/1069089171?folder=Trash&form=folders

"page not found". how helpful!



Read, write and fake your e-mail. Could send , from you email address, a
mail to your ISP and ask it User e PASS of your
website. The consequences would be catastrophic.


"consequences...catastrophic"

make up your mind, dude. is low or catastrophic?


Paul Theodoropoulos http://www.anastrophe.com




Reply via email to