Web Application Security
SmarterMail All Versions - Stealing other Users Emails Feb 03 2014 08:08PM
Mark Litchfield (mark securatary com)
This attack allows an authenticated SmarterMail user to read other users
emails.

I tried to contact Smartmail with the usual security email aliases,
apparently they do not have any. I posted to their forum for a contact
and all I got was an email stating check you are running the latest
version then if you like please contact us at sales (at) smartertools (dot) com [email concealed]

I personally do not want to run around here and there on my own time.
Maybe they should consider a more different approach to people trying to
report security issues. A good start would be security (at) smartertools (dot) com [email concealed]

A step by step with the usual screen shots at -
http://www.securatary.com/vulnerabilities

All the best

Mark Litchfield
www.securatary.com

This list is sponsored by Cenzic
--------------------------------------
Let Us Hack You. Before Hackers Do!
It's Finally Here - The Cenzic Website HealthCheck. FREE.
Request Yours Now!
http://www.cenzic.com/2009HClaunch_Securityfocus
--------------------------------------

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus