lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu May 19 14:57:57 2005
From: j.schipper at math.uu.nl (Joachim Schipper)
Subject: Re: Security issue in Microsoft Outlook

On Wed, May 18, 2005 at 10:07:54PM -0700, Harshad wrote:
> This issue was originally discovered by Harry from http://
> www.securityalertz.com & http://www.Harry-Inc.com The article is stolen from
> http://www.securityalertz.com/Article805.html posted on May 06 2005
> ..Lol....the poser below copies most of the articles from Securityalertz on his
> so called security sites claiming them to be his....
> 
> Bakchodiya <bakchodiya@...oo.com> wrote:
> 
>     An issue has been discovered in MS Outlook (All
>     Versions) where anyone can fake a URL & send it
>     across.
> 
>     How does it work:
> 
>     Lets compose an email in MS Outlook, lets type
> 
> 
>     http://www.cybertrion.com & put a space after it to
>     make it a link. Now put your cursor just before
>     cybertrion & type any URL for eg:
>     http://www.foo-labs.info now send it to anyone. The
>     receiver will see the URL as http://www.foo-labs.info
>     but when he clicks on it it will directly take him to
>     http://www.cybertrion.com
> 
>     I am not sure how critical this is but it can fool
>     alot of people & result in download of a virus.

Erm... do you *want* to admit to 'discovering' this? ;-)

		Joachim
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.grok.org.uk/pipermail/full-disclosure/attachments/20050519/8f69ea64/attachment.bin

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ