| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <3F1DDCB0.2090505@ameritech.net> From: dbailey27 at ameritech.net (northern snowfall) Subject: Virii that can exploit email server? > > > Virus exploits Email Server A, infects other emails, causes world > domination, etc. > Yes, this is possible, though improbable. It would have to be a two pronged virus. The first prong is, of course, exploiting user clients that are vulnerable to virii propagation. The second prong would be exploiting the server once the infected user has sent off emails (by his own hand or not). The server would have to be exploited via some header handling or queue vulnerability for the specific mail server. Since the server isn't necessarily going to be vulnerable, this tactic will be extremely hit-and-miss. Despite the improbability of this situation, it is a possible attack vector. Since most attackers target mail server protocol lexicon, they tend to forget about the queue mechanisms that come later once the email has been stored on disk. If a situation arises in which a queue mechanism can be overflowed by data (possibly trusted) stored in mail queue files, the situation becomes real. This is most likely a situation to be desired by attackers whom wish to target internal mail servers not accessible to them via the internet. These internal mail servers would handle outgoing data for internal users only, while other mail servers would route incoming mail data. Don http://www.7f.no-ip.com/~north_
Powered by blists - more mailing lists