SWAT
Andreas Haas
haasandi_etha at yahoo.com
Thu Jul 27 08:05:23 GMT 2000
Hi,
I have found a possible bug in SWAT.
It was possible to view all the SWAT pages without
providing a user/password.
A login dialog appears everytime you are accessing
a page but if you go back and forward a page using
the Buttons of MS IE 5.0 you are able to see the
whole configuration.
I was not able to change anything but the knowlege
which users exitst could be a advantage to an attacker.
__________________________________________________
Do You Yahoo!?
Get Yahoo! Mail - Free email you can access from anywhere!
http://mail.yahoo.com/
More information about the samba
mailing list