Andreas Haas haasandi_etha at yahoo.com
Thu Jul 27 08:05:23 GMT 2000


I have found a possible bug in SWAT.
It was possible to view all the SWAT pages without
providing a user/password.

A login dialog appears everytime you are accessing
a page but if you go back and forward a page using
the Buttons of MS IE 5.0  you are able to see the
whole configuration.

I was not able to change anything but the knowlege
which users exitst could be a advantage to an attacker.

Do You Yahoo!?
Get Yahoo! Mail - Free email you can access from anywhere!

More information about the samba mailing list