Next Page >>
e/mail
- Presentation name
- A one-sentence synopsis of your topic
- A longer one to three paragraph synopsis or short outline of what
you plan on covering
- Names, email addresses and URLs of the presenter(s)
- A short (single-paragraph) biography of the presenter(s)
Once everything is ready to go, please email your submission to cfp
[at] layerone [dot] info no later than March 15, 2008. You will
receive notice no later than April 1, 2008 to let you know if your
Bugtraq ID: N/A
CVE Name: N/A
*Vulnerability Description*
Lotus Notes is the integrated email, calendar, instant messenger, browser
and business collaboration application developed by IBM to work as a
desktop client in conjunction with IBM’s Lotus Domino server application.
The email functionality of Lotus Notes supports previewing and processing
file attachments in various formats. To preview and process files in the
Title:
======
Interspire Email Marketer v6.0.1 - Multiple Vulnerabilites
Date:
=====
2012-10-02
Advisory: IceWarp WebMail Server: Client-Side Specification of "Forgot
Password" eMail Content
During a penetration test, RedTeam Pentesting discovered that the emails
sent by the IceWarp WebMail Server when using the "Forgot Password"
function are generated on the client side. Furthermore, the server
expands certain keywords in these emails to users' full names, usernames
and passwords. This allows for advanced social engineering attacks and
the potential disclosure of usernames and passwords.
+---------------------------------------------------------------------
Summary
=======
IronPort PXE Encryption is an e-mail encryption solution that is
designed to secure e-mail communications without the need for a
Public Key Infrastructure (PKI) or special agents on receiving
systems. When an e-mail message is targeted for encryption, the PXE
encryption engine on an IronPort e-mail gateway encrypts the original
e-mail message as an HTML file and attaches it to a notification
. 2008-01-30:
Additional mail sent to Citect support team asking for a software
security contact at Citect.
. 2008-01-30:
Email from Citect's support team acknowledging notification and
requesting information in plaintext.
. 2008-02-06:
Core sends the draft advisory, including proof of concept code to
demonstrate the vulnerability.
Title:
======
SonicWALL EMail Security 7.3.5 - Multiple Vulnerabilities
Date:
=====
2012-08-14
AOL Instant Messenger ("AIM", http://www.aim.com) is an instant messaging
application that allows its users to communicate in real time via text,
voice, and video over the Internet. It is maintained by AOL LLC. AIM Pro
is AOL's business-oriented version of AIM targeted for professional use
with an emphasis on "business-grade" security and integration with email
client and other productivity applications
(http://aimpro.premiumservices.aol.com/) AIM Lite, as defined in its
website (http://x.aim.com/laim/), is a reference application used to test
new technology also developed by AOL and available for the public in the
form of a "light IM client".
AOL Instant Messenger ("AIM", http://www.aim.com) is an instant messaging
application that allows its users to communicate in real time via text,
voice, and video over the Internet. It is maintained by AOL LLC. AIM Pro
is AOL's business-oriented version of AIM targeted for professional use
with an emphasis on "business-grade" security and integration with email
client and other productivity applications
(http://aimpro.premiumservices.aol.com/) AIM Lite, as defined in its
website (http://x.aim.com/laim/), is a reference application used to test
new technology also developed by AOL and available for the public in the
form of a "light IM client".
Title:
======
SonicWall Email Security 7.4.1.x - Persistent Web Vulnerability
Date:
=====
2012-12-21
-----Original Message-----
From: full-disclosure-bounces@lists.grok.org.uk [mailto:full-disclosure-bounces@lists.grok.org.uk] On Behalf Of NSO Research
Sent: Tuesday, October 20, 2009 12:10 PM
To: full-disclosure@lists.grok.org.uk; bugtraq@securityfocus.com
Subject: [Full-disclosure] NSOADV-2009-003: Websense Email Security Cross Site Scripting
_________________________________________
Security Advisory NSOADV-2009-003
_________________________________________
_________________________________________
Just published the below advisory describing an issue with Mail.app
and a solution. I comment on the flaw on my blog:
http://enablesecurity.com/2008/10/03/apple-mailapp-security-advisory/
An up to date version of the advisory can be found:
http://resources.enablesecurity.com/advisories/apple-mailapp-smime.txt
The advisory was first published on EnableSecurity Newsletter. If
you'd like to subscribe then send an email to
newsletter@enablesecurity.com
Hello Bugtraq!
I want to warn you about security vulnerabilities in email clients,
particularly in Outlook Express and Outlook. This advisory is concerned with
my series of advisories about vulnerabilities in browsers, which belong to
group of DoS via protocol handlers.
All those who doubt that these DoS vulnerabilities in browsers and email
clients are security vulnerabilities, must read my first advisory on this
topic (http://www.securityfocus.com/archive/1/511327/30/0/threaded). Where I
Severity Rating: CVSS v2 Base Score: 6.8 (AV:N/AC:L/Au:S/C:C/I:N/A:N)
Affected products:
EMC SW: EMC SourceOne Email Management for Microsoft Exchange 6.5.2.3668 (SP2 HF3) and earlier
EMC SW: EMC SourceOne Email Management for Notes/Domino 6.5.2.3668 (SP2 HF3) and earlier
EMC SW: EMC SourceOne Email Management for Microsoft Exchange 6.6.0.1209 (HF1) and earlier
-------------------------
Lsoft ListServ v16 (WA revision R4241) Cross-Site Scripting (XSS) vulnerability (prior versions have not been checked but could be vulnerable too).
II. BACKGROUND
-------------------------
LISTSERV launched the email list industry 25 years ago and remains the gold standard. Continuously developed to meet the latest demands, LISTSERV provides the power, reliability and enterprise-level performance you need to manage all of your opt-in email lists, including email newsletters, announcement lists, discussion groups and email communities.
L-Soft is a pioneer in the fields of email list management software, email marketing software and email list hosting services. L-Soft's solutions are used for managing email newsletters, discussion groups, email communities and opt-in email marketing campaigns.
III. DESCRIPTION
-------------------------
Security Advisory NSOADV-2009-003
_________________________________________
_________________________________________
Title: Websense Email Security Cross Site Scripting
Severity: Low
Advisory ID: NSOADV-2009-003
Found Date: 28.09.2009
Date Reported: 01.10.2009
Release Date: 20.10.2009
el nico destinatario de dichos datos, y cuya finalidad exclusiva es la
gestin de clientes y acciones de comunicacin comercial, y de que tiene
la posibilidad de ejercer los derechos de acceso, rectificacin,
cancelacin y oposicin previstos en la ley mediante carta dirigida a
Internet Security Auditors, c. Santander, 101. Edif. A. 2º 1ª, 08030
Barcelona, o va e-mail a la siguiente direccin de correo:
legal@isecauditors.com
>
> On Fri, Jul 17, 2009 at 2:48 PM, ISecAuditors Security
#!/usr/bin/python
#--------------------------------------------------------------------------------
#(POST var 'resetpwemail') BLIND SQL INJECTION EXPLOIT --AlumniServer v-1.0.1-->
#--------------------------------------------------------------------------------
#
#CMS INFORMATION:
#
#-->WEB: http://www.alumniserver.net/
#-->DOWNLOAD: http://www.alumniserver.net/
#-->DEMO: N/A
# 59. if (!$nama || preg_match("/[^a-zA-Z0-9_-]/", $nama)) $error .= "Karakter Username tidak diizinkan kecuali a-z,A-Z,0-9,-, dan _<br />";
# 60. if (strlen($nama) > 10) $error .= "Username Terlalu Panjang Maksimal 10 Karakter<br />";
# 61. if (strrpos($nama, " ") > 0) $error .= "Username Tidak Boleh Menggunakan Spasi";
# 62. if ($koneksi_db->sql_numrows($koneksi_db->sql_query("SELECT user FROM useraura WHERE user='$nama'")) > 0) $error .= "Error: Username ".$nama." sudah terdaftar , silahkan ulangi.<br />";
# 63. if ($koneksi_db->sql_numrows($koneksi_db->sql_query("SELECT user FROM temp_useraura WHERE user='$nama'")) > 0) $error .= "Error: Username ".$nama." sudah terdaftar , silahkan ulangi.<br />";
# 64. if ($koneksi_db->sql_numrows($koneksi_db->sql_query("SELECT email FROM useraura WHERE email='$email'")) > 0) $error .= "Error: Email ".$email." sudah terdaftar , silahkan ulangi.<br />";
# 65. if ($koneksi_db->sql_numrows($koneksi_db->sql_query("SELECT email FROM temp_useraura WHERE email='$email'")) > 0) $error .= "Error: Email ".$email." sudah terdaftar , silahkan ulangi.<br />";
# 66. if (!nama) $error .= "Error: Formulir Nama belum diisi , silahkan ulangi.<br />";
# 67. if ($cekperaturan != "1") $error .= "You should be agree with rules and conditions of use!<br />";
# 68. if (!nama) $error .= "Error: Formulir Nama belum diisi , silahkan ulangi.<br />";
# 69. if (!password) $error .= "Error: Formulir Password belum diisi , silahkan ulangi.<br />";
Title:
======
ACC PHP eMail v1.1 - Multiple Web Vulnerabilites
Date:
=====
2012-04-13
Security Advisory NSOADV-2009-002
_________________________________________
_________________________________________
Title: Websense Email Security Web Administrator DoS
Severity: Low
Advisory ID: NSOADV-2009-002
Found Date: 28.09.2009
Date Reported: 01.10.2009
Release Date: 20.10.2009
> (e.g. "aaaaaaaa") or dictionary words (e.g. "pentagon" or "computer").
>
> The abuse of this functionality permits an attacker to do thousands of
> authentication requests during a day over one user account, so if the
> user is using a weak password is a matter of time to guess to have
> access to the mail account.
>
> IV. PROOF OF CONCEPT
> -------------------------
> As only requirement, the attacker needs a real Gmail account, but
> that's not a real limitation as service is for free.
(e.g. "aaaaaaaa") or dictionary words (e.g. "pentagon" or "computer").
The abuse of this functionality permits an attacker to do thousands of
authentication requests during a day over one user account, so if the
user is using a weak password is a matter of time to guess to have
access to the mail account.
IV. PROOF OF CONCEPT
-------------------------
As only requirement, the attacker needs a real Gmail account, but
that's not a real limitation as service is for free.
OVERVIEW:
I would like to draw your attention on a problem that is already known and is surely exploited for a long time, but clearly seems to be underestimated.
the problem is explained quickly:
- email service provider delete inactive accounts after six or twelve months of inactivity and release the adresse (nearly every big email provider does it)
- many platforms (webshops, forums, etc...) do NOT delete inactive accounts
This asymmetry in handling inactive accounts has the consequence that thousands of accounts of various online platforms can be hijacked by attackers without any technical difficulties.
The procedure is so simple that it hardly needs to be mentioned:
Description
-----------
Several Cross Site Scripting vulnerabilities were found in within Outlook Web Access (OWA) 2003/2007. An attacker can craft a malicious email which will trigger within a user's browser. Different version of OWA and different clients (Light and Premium) have different attack vectors which can result in an attacker gaining *persistent* control over a victim's use of Outlook Web Access. An attacker would have full control and access to the victims e-mail account. This control could be further abused by utilising techniques such as JavaScript root-kits or web worms.
Analysis
--------
Head of Digital Security Research Group
______________________
DIGITAL SECURITY
phone: +7 812 703 1547
+7 812 430 9130
e-mail: a.polyakov@dsec.ru
www.dsec.ru
www.dsecrg.com
www.pcidss.ru
III. ANALYSIS
Exploitation allows an attacker to execute arbitrary code with the
privileges of the current user. Exploitation would require convincing a
targeted user to view a specially crafted image file. An attacker could
host this file on a Web server, attach the file to an e-mail or
embedded the file in an Office document.
This vulnerability also can be triggered through e-mail. If the e-mail
client can automatically display images embedded in the e-mail, the
user only needs to open the e-mail to trigger the vulnerability.
- -----------/
*Report Timeline*
. 2008-01-30: Initial contact email sent by to Wonderware setting the
estimated publication date of the advisory to February 25th.
. 2008-01-30: Contact email re-sent to Wonderware asking for a software
security contact for Wonderware InTouch.
. 2008-02-06: New email sent to Wonderware asking for a response and for
a software security contact for Wonderware InTouch.
Vulnerability Report:
As part of our recent work on the trust hierarchy that exists among email providers throughout the Internet, we have uncovered a serious security flaw in Ggoogle's free email service, Gmail. This vulnerability exposes Google's email servers in a way that allows an attacker to use them as open spam and phishing relays. This issue is related to the risk of a malicious user abusing Gmail's email forwarding functionality. This is possible because Gmail's email forwarding functionality does not impose proper security restrictions during its setup process and can be easily subverted. By exploiting this problem an attacker can send unlimited spam and phishing (i.e. forged) email messages that are delivered by Google's very own SMTP servers. Since the messages are delivered by Google's own servers, an attack based on this flaw is able to bypass all spam filters that are based on the blacklist / whitelist concept. We were able to confirm that this vulnerability is indeed exploitable b
y crafting a proof of concept attack that allowed us to send any number of forged email messages without restriction through Google's server infrastructure. We have also verified that this flaw allows attackers to bypass spam filters by using our method to send messages that are usually flagged as spam. While sending these messages directly from our network in the traditional way had the messages classified as spam, by sending the very same messages using our exploit, the messages were delivered directly to the victim's inbox, thus bypassing filters.
Impact:
All email providers that offer Google's SMTP servers any special level of trust (e.g. whitelist status) are vulnerable.
On Wed, 7 May 2008 pablo.ximenes@upr.edu wrote:
>
> Vulnerability Report:
>
> As part of our recent work on the trust hierarchy that exists among email providers throughout the Internet, we have uncovered a serious security flaw in Ggoogle's free email service, Gmail. This vulnerability exposes Google's email servers in a way that allows an attacker to use them as open spam and phishing relays. This issue is related to the risk of a malicious user abusing Gmail's email forwarding functionality. This is possible because Gmail's email forwarding functionality does not impose proper security restrictions during its setup process and can be easily subverted. By exploiting this problem an attacker can send unlimited spam and phishing (i.e. forged) email messages that are delivered by Google's very own SMTP servers. Since the messages are delivered by Google's own servers, an attack based on this flaw is able to bypass all spam filters that are based on the blacklist / whitelist concept. We were able to confirm that this vulnerability is indeed exploitable b
> y crafting a proof of concept attack that allowed us to send any number of forged email messages without restriction through Google's server infrastructure. We have also verified that this flaw allows attackers to bypass spam filters by using our method to send messages that are usually flagged as spam. While sending these messages directly from our network in the traditional way had the messages classified as spam, by sending the very same messages using our exploit, the messages were delivered directly to the victim's inbox, thus bypassing filters.
>
> Impact:
>
> All email providers that offer Google's SMTP servers any special level of trust (e.g. whitelist status) are vulnerable.
Next Page>>
|
