lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <Pine.BSO.4.58.0309242048360.24545@anarch0.rewt.mil>
Date: Wed, 24 Sep 2003 21:00:52 +0200 (CEST)
From: Marco Ivaldi <raptor@...eadbeef.info>
To: Mark Coleman <markc@...ontown.com>
Cc: "Richard M. Smith" <rms@...puterbytesman.com>,
	"BUGTRAQ@...URITYFOCUS. COM" <BUGTRAQ@...urityfocus.com>,
	incidents@...urityfocus.org
Subject: Re: Privacy leak in VeriSign's SiteFinder service #2


On Wed, 24 Sep 2003, Mark Coleman wrote:

> TELNET YYAAHHOO.COM 25
>
> 220 sitefinder.verisign.com VeriSign mail rejector (Postfix)
> mail from:source@...oo.com
> 250 Ok
> rcpt to:user@...ahhoo.com
> 550 <unknown[198.252.172.254]>: Client host rejected: The domain you are
> trying
> to send mail to does not exist.
>
> They could (AND SHOULD) REJECT from the initial connection, but instead
> ALLOW the TO and FROM fields of the SMTP negotiation to happen.

Moreover, they're still working on this SMTP server. Just one week ago,
they were running another Postfix-like MTA, with completely different
behaviour:

root@...rch0:~# telnet kjashfjhshghgfddg.com 25
Trying 64.94.110.11...
Connected to kjashfjhshghgfddg.com.
Escape character is '^]'.
220 snubby1-wcwest Snubby Mail Rejector Daemon v1.3 ready
helo foo
250 OK
mail from:test@...t.com
250 OK
rcpt to:nospam@...eadbeef.info
250 OK
data
221 snubby1-wcwest Snubby Mail Rejector Daemon v1.3 closing transmission
channelConnection closed by foreign host.

What if Verisign is planning to open more similar TCP/IP services on that
host? What if they're going to further modify the existing ones, to better
invade individuals' privacy?

:raptor
-- 
Marco Ivaldi
Antifork Research, Inc.   http://0xdeadbeef.info/
3B05 C9C5 A2DE C3D7 4233  0394 EF85 2008 DBFD B707



Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ