lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 19 May 2005 15:57:33 +0200
From: Joachim Schipper <j.schipper@...h.uu.nl>
To: bugtraq@...urityfocus.com, full-disclosure@...ts.grok.org.uk
Subject: Re: Re: Security issue in Microsoft Outlook

On Wed, May 18, 2005 at 10:07:54PM -0700, Harshad wrote:
> This issue was originally discovered by Harry from http://
> www.securityalertz.com & http://www.Harry-Inc.com The article is stolen from
> http://www.securityalertz.com/Article805.html posted on May 06 2005
> ..Lol....the poser below copies most of the articles from Securityalertz on his
> so called security sites claiming them to be his....
> 
> Bakchodiya <bakchodiya@...oo.com> wrote:
> 
>     An issue has been discovered in MS Outlook (All
>     Versions) where anyone can fake a URL & send it
>     across.
> 
>     How does it work:
> 
>     Lets compose an email in MS Outlook, lets type
> 
> 
>     http://www.cybertrion.com & put a space after it to
>     make it a link. Now put your cursor just before
>     cybertrion & type any URL for eg:
>     http://www.foo-labs.info now send it to anyone. The
>     receiver will see the URL as http://www.foo-labs.info
>     but when he clicks on it it will directly take him to
>     http://www.cybertrion.com
> 
>     I am not sure how critical this is but it can fool
>     alot of people & result in download of a virus.

Erm... do you *want* to admit to 'discovering' this? ;-)

		Joachim

Content of type "application/pgp-signature" skipped

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists