[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <003901c24f52$565d8fc0$2b00a8c0@ibis.local>
From: secure.bugtraq at tag.odessa.ua (Andrew G. Tereschenko)
Subject: iName/Mail.com security holes opens door to millions of e-mail accounts
Thanks Colt for a note,
It was fixed by replacing body to xbody tag.
But the game still runs.
It takes for me 6 minutes to invent another example of this bug.
Not a 100% result, expected ~30%.
It's an extremly easy to cut navigation items from down of page
by using unclosed comments.
Inserting own (linked to evil host) is a one minute task.
Current sample will work in case if user will use
group of buttons located at the down of email.
I think a lot of other samples can be used.
Mail.com failed to correctly show html attachements.
Nobody is perfect,
--
Andrew G. Tereschenko
TAG Software Research Lab
Odessa, Ukraine
secure@....odessa.ua
P.S> Just for a record:
Ukraine is a fully independ country.
----- Original Message -----
From: "Colt Peacemaker" <colt45@....lonestar.org>
Sent: Thursday, August 29, 2002 12:22 PM
> Looks fixed to me. At least, it doesn't work for me when I try... <BODY>
> and other HTML tags seem to be streng verboten there at any rate.
[skiped]
Powered by blists - more mailing lists