Home    |    View Topics    |    Search    |    Contact Us    |   



Category:   Application (File Transfer/Sharing)  >   GMail Drive Vendors:
GMail Drive Discloses Gmail Users Account Name and Lets Local Users Access the Gmail Account
SecurityTracker Alert ID:  1011758
SecurityTracker URL:
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Oct 18 2004
Impact:   Disclosure of user information, User access via network
Exploit Included:  Yes  

Description:   Lostmon reported a vulnerability in GMail Drive. A local user can determine the GMail account name and can access the GMail account. [GMail Drive is not a Google product.]

It is reported that a local user can examine the properties of a GMail Drive to determine the GMail account username (the volume label is the username).

It is also reported that if the GMail Drive is configured for 'auto login', then a local user can access '' and gain direct access to the Gmail account used by GMail Drive.

Impact:   A local user can determine the Gmail account name.

A local user can access the Gmail account.

Solution:   No solution was available at the time of this entry.
Vendor URL: (Links to External Site)
Cause:   Access control error
Underlying OS:  Windows (Any)

Message History:   None.

 Source Message Contents

Subject:  Gmail drive discloses user name account and gain access to user mail account

wen install Gmail drive (

1-disclosure of user information:

you have a new disk (gmail drive) in my Pc if you login in=20

any local user can view your user name account only need to look the proper=
of gmail=B4s drive and look the volume lavel ...this is the user name
was used to loged in.

2- accesing user mail account=20

wen you open the gmail=B4s drive and if you check "auto login " option
any local user can go to ...and the page
redirecting to the user account was loged on gmail drive

Lostmon ( )

thx to for their support
thx to Ghalician he is whith me and investigate :)
La curiosidad es lo que hace mover la mente....

Go to the Top of This SecurityTracker Archive Page

Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, LLC