lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
From: security at brvenik.com (Jason)
Subject: Thomas E Cooper/Boulder/IBM is out of the office.

I hate to use IBM as an example but I sent a message last week with a 
bit about these OOTO messages and leakage of information / target 
aquisition.

No X-Mailer but the Thomas E Cooper/Boulder/IBM suggests Notes pretty 
strongly, there are a few other possibilities but I believe they are all 
extremely old mailers. It is IBM, duh! I think there is no real need to 
ask what they are using just what version.

A google for "X-MIMETrack: Serialize by Router" and "IBM" promptly 
points us to http://www.omg.org/issues/issue4397.txt

which contains a quite dated X-Mailer confirming notes
X-Mailer: Lotus Notes Release 5.0.5  September 22, 2000

but a few links down there is the very promising archived message
http://lists.w3.org/Archives/Public/www-forms/2003Apr/0037.html

relevant bits
 > Date: Fri, 11 Apr 2003 14:31:07 -0400
 > X-Mailer: Lotus Notes Release 6.0 September 26, 2002
 > X-MIMETrack: Serialize by Router on D01ML233/01/M/IBM(Release 6.0.1
 > [IBM]|April 9, 2003) at
 > 04/11/2003 14:31:09,
 >     Serialize complete at 04/11/2003 14:31:09

So not a definitive answer but a high probability of Lotus Notes Release 
6.0.0 or 6.0.1 is in use.

Off to http://icat.nist.gov/icat.cfm I go

Plug in Lotus Notes and click "One Year"

only 4 known potentials this year with a low probability of success in 
this case unless it is still 6.0.0, suprisingly a mentioned vector is email.

http://marc.theaimsgroup.com/?l=bugtraq&m=104550124032513&w=2

This is all public information from public archives and only 10 minutes 
of search and type.

-J

Valdis.Kletnieks@...edu wrote:
> On Wed, 16 Apr 2003 14:14:26 EDT, Michael Scheidell said:
> 
>>>
>>>I will be out of the office starting April 16, 2003 and will not return
>>>until April 21, 2003.
>>>
>>>I will respond to your message when I return.
>>
>>Cool... is your house empty too?
> 
> 
> Amazingly enough, his message didn't leak an X-Mailer: line.
> 
> The previous person to do that to me leaked this:
> 
> X-Mailer: Internet Mail Service (5.5.2655.55)
> 
> Hmm... Who wants to do a cross-correlate of that to vulnerabilities that
> we could leave in their inbox for when they get back and are likely to
> open things without being careful because they're buried in messages?
>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ