Home page logo
/

bugtraq logo Bugtraq mailing list archives

Privacy hole in Go Express Search
From: ah () SECURITYFOCUS COM (Alfred Huger)
Date: Mon, 13 Dec 1999 14:51:54 -0800


---------- Forwarded message ----------
Date: 13 Dec 1999 03:23:39 -0000
From: roxen () securityfocus com
To: suggestions () securityfocus com
Subject: Link Suggestion

Link Name:      Privacy hole in Go Express Search

Link URL:       http://www.mobileunit.org/advisories/001/

Description:

Disney's Go Express Search operates an http server at port 1234 without authentication. Remote users can submit search
queries, and view queries and personal links left by other users. It's possible to access the configuration interface, 
which can
reveal the e-mail address of the user who registered it. Configuration settings can be changed remotely to, for 
instance, add,
remove or alter personal links.


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]