emails
- Presentation name
- A one-sentence synopsis of your topic
- A longer one to three paragraph synopsis or short outline of what
you plan on covering
- Names, email addresses and URLs of the presenter(s)
- A short (single-paragraph) biography of the presenter(s)
Once everything is ready to go, please email your submission to cfp
[at] layerone [dot] info no later than March 15, 2008. You will
receive notice no later than April 1, 2008 to let you know if your
Bugtraq ID: N/A
CVE Name: N/A
*Vulnerability Description*
Lotus Notes is the integrated email, calendar, instant messenger, browser
and business collaboration application developed by IBM to work as a
desktop client in conjunction with IBM’s Lotus Domino server application.
The email functionality of Lotus Notes supports previewing and processing
file attachments in various formats. To preview and process files in the
Advisory: IceWarp WebMail Server: Client-Side Specification of "Forgot
Password" eMail Content
During a penetration test, RedTeam Pentesting discovered that the emails
sent by the IceWarp WebMail Server when using the "Forgot Password"
function are generated on the client side. Furthermore, the server
expands certain keywords in these emails to users' full names, usernames
and passwords. This allows for advanced social engineering attacks and
the potential disclosure of usernames and passwords.
+---------------------------------------------------------------------
Summary
=======
IronPort PXE Encryption is an e-mail encryption solution that is
designed to secure e-mail communications without the need for a
Public Key Infrastructure (PKI) or special agents on receiving
systems. When an e-mail message is targeted for encryption, the PXE
encryption engine on an IronPort e-mail gateway encrypts the original
e-mail message as an HTML file and attaches it to a notification
. 2008-01-30:
Additional mail sent to Citect support team asking for a software
security contact at Citect.
. 2008-01-30:
Email from Citect's support team acknowledging notification and
requesting information in plaintext.
. 2008-02-06:
Core sends the draft advisory, including proof of concept code to
demonstrate the vulnerability.
Just published the below advisory describing an issue with Mail.app
and a solution. I comment on the flaw on my blog:
http://enablesecurity.com/2008/10/03/apple-mailapp-security-advisory/
An up to date version of the advisory can be found:
http://resources.enablesecurity.com/advisories/apple-mailapp-smime.txt
The advisory was first published on EnableSecurity Newsletter. If
you'd like to subscribe then send an email to
newsletter@enablesecurity.com
AOL Instant Messenger ("AIM", http://www.aim.com) is an instant messaging
application that allows its users to communicate in real time via text,
voice, and video over the Internet. It is maintained by AOL LLC. AIM Pro
is AOL's business-oriented version of AIM targeted for professional use
with an emphasis on "business-grade" security and integration with email
client and other productivity applications
(http://aimpro.premiumservices.aol.com/) AIM Lite, as defined in its
website (http://x.aim.com/laim/), is a reference application used to test
new technology also developed by AOL and available for the public in the
form of a "light IM client".
-----Original Message-----
From: full-disclosure-bounces@lists.grok.org.uk [mailto:full-disclosure-bounces@lists.grok.org.uk] On Behalf Of NSO Research
Sent: Tuesday, October 20, 2009 12:10 PM
To: full-disclosure@lists.grok.org.uk; bugtraq@securityfocus.com
Subject: [Full-disclosure] NSOADV-2009-003: Websense Email Security Cross Site Scripting
_________________________________________
Security Advisory NSOADV-2009-003
_________________________________________
_________________________________________
Title:
======
ACC PHP eMail v1.1 - Multiple Web Vulnerabilities
Date:
=====
2012-04-13
SektionEins GmbH
www.sektioneins.de
-= Security Advisory =-
Advisory: MyBB Password Reset Email BCC: Injection Vulnerability
Release Date: 2010/04/13
Last Modified: 2010/04/13
Author: Stefan Esser [stefan.esser[at]sektioneins.de]
Application: MyBB <= 1.4.11
Hello Bugtraq!
I want to warn you about security vulnerabilities in email clients,
particularly in Outlook Express and Outlook. This advisory is concerned with
my series of advisories about vulnerabilities in browsers, which belong to
the group of DoS via protocol handlers.
All those who doubt that these DoS vulnerabilities in browsers and email
clients are security vulnerabilities, must read my first advisory on this
topic (http://www.securityfocus.com/archive/1/511327/30/0/threaded). Where I
the sole recipient of said data, whose exclusive purpose is
customer management and commercial communication activities, and that you have
the option of exercising the rights of access, rectification,
cancellation and objection provided for by law by means of a letter addressed to
Internet Security Auditors, c. Santander, 101. Edif. A. 2º 1ª, 08030
Barcelona, or via e-mail to the following address:
legal@isecauditors.com
>
> On Fri, Jul 17, 2009 at 2:48 PM, ISecAuditors Security
== DoS attacks on MIME-capable software via complex MIME emails ==
== Preface ==
On the phneutral 0x7d8 and RSS 08, I gave short talks on a widely unregarded
problem with MIME software. Due to popular demand, I decided to publish a
short writeup of the talk.
== What is MIME? ==
MIME is the standard format for email messages. One could say MIME is to
email what HTML is to the web. The first RFC for MIME was published in
Also, same vulnerabilities were reported and fixed in Sendmail
(CVE-2006-1173).
--Tuesday, December 9, 2008, 1:52:17 AM, you wrote to bugtraq@securityfocus.com:
brlc> == DoS attacks on MIME-capable software via complex MIME emails ==
brlc> == Preface ==
brlc> On the phneutral 0x7d8 and RSS 08, I gave short talks on a widely unregarded
brlc> problem with MIME software. Due to popular demand, I decided to publish a
brlc> short writeup of the talk.
Severity Rating: CVSS v2 Base Score: 6.8 (AV:N/AC:L/Au:S/C:C/I:N/A:N)
Affected products:
EMC SW: EMC SourceOne Email Management for Microsoft Exchange 6.5.2.3668 (SP2 HF3) and earlier
EMC SW: EMC SourceOne Email Management for Notes/Domino 6.5.2.3668 (SP2 HF3) and earlier
EMC SW: EMC SourceOne Email Management for Microsoft Exchange 6.6.0.1209 (HF1) and earlier
Security Advisory NSOADV-2009-003
_________________________________________
_________________________________________
Title: Websense Email Security Cross Site Scripting
Severity: Low
Advisory ID: NSOADV-2009-003
Found Date: 28.09.2009
Date Reported: 01.10.2009
Release Date: 20.10.2009
A Remote Code Execution vulnerability exists in Vtiger CRM version
5.0.4. In order to exploit this vulnerability an account on the CRM
system is required.
The vulnerability resides in the "Compose Mail" section. The software
permits sending email with attachments and offers a draft save feature.
When this feature is requested and an attachment is specified, the
"saveForwardAttachments" validation routine is called.
This routine involves some security checks to handle uploaded files, it
> (e.g. "aaaaaaaa") or dictionary words (e.g. "pentagon" or "computer").
>
> The abuse of this functionality permits an attacker to do thousands of
> authentication requests during a day over one user account, so if the
> user is using a weak password, it is a matter of time to guess it and
> have access to the mail account.
>
> IV. PROOF OF CONCEPT
> -------------------------
> As the only requirement, the attacker needs a real Gmail account, but
> that's not a real limitation as the service is free.
(e.g. "aaaaaaaa") or dictionary words (e.g. "pentagon" or "computer").
The abuse of this functionality permits an attacker to do thousands of
authentication requests during a day over one user account, so if the
user is using a weak password, it is a matter of time to guess it and
have access to the mail account.
IV. PROOF OF CONCEPT
-------------------------
As the only requirement, the attacker needs a real Gmail account, but
that's not a real limitation as the service is free.
#!/usr/bin/python
#--------------------------------------------------------------------------------
#(POST var 'resetpwemail') BLIND SQL INJECTION EXPLOIT --AlumniServer v-1.0.1-->
#--------------------------------------------------------------------------------
#
#CMS INFORMATION:
#
#-->WEB: http://www.alumniserver.net/
#-->DOWNLOAD: http://www.alumniserver.net/
#-->DEMO: N/A
OVERVIEW:
I would like to draw your attention to a problem that is already known and has surely been exploited for a long time, but clearly seems to be underestimated.
The problem is explained quickly:
- email service providers delete inactive accounts after six or twelve months of inactivity and release the address (nearly every big email provider does it)
- many platforms (webshops, forums, etc.) do NOT delete inactive accounts
This asymmetry in handling inactive accounts has the consequence that thousands of accounts of various online platforms can be hijacked by attackers without any technical difficulties.
The procedure is so simple that it hardly needs to be mentioned:
Advisory: IceWarp WebMail Server: Cross Site Scripting in Email View
During a penetration test, RedTeam Pentesting discovered that the IceWarp
WebMail Server is prone to Cross Site Scripting attacks in its email view.
This enables attackers to send emails with embedded JavaScript code,
for example, to steal users' session IDs.
Details
=======
- -----------/
*Report Timeline*
. 2008-01-30: Initial contact email sent by to Wonderware setting the
estimated publication date of the advisory to February 25th.
. 2008-01-30: Contact email re-sent to Wonderware asking for a software
security contact for Wonderware InTouch.
. 2008-02-06: New email sent to Wonderware asking for a response and for
a software security contact for Wonderware InTouch.
# 59. if (!$nama || preg_match("/[^a-zA-Z0-9_-]/", $nama)) $error .= "Karakter Username tidak diizinkan kecuali a-z,A-Z,0-9,-, dan _<br />";
# 60. if (strlen($nama) > 10) $error .= "Username Terlalu Panjang Maksimal 10 Karakter<br />";
# 61. if (strrpos($nama, " ") > 0) $error .= "Username Tidak Boleh Menggunakan Spasi";
# 62. if ($koneksi_db->sql_numrows($koneksi_db->sql_query("SELECT user FROM useraura WHERE user='$nama'")) > 0) $error .= "Error: Username ".$nama." sudah terdaftar , silahkan ulangi.<br />";
# 63. if ($koneksi_db->sql_numrows($koneksi_db->sql_query("SELECT user FROM temp_useraura WHERE user='$nama'")) > 0) $error .= "Error: Username ".$nama." sudah terdaftar , silahkan ulangi.<br />";
# 64. if ($koneksi_db->sql_numrows($koneksi_db->sql_query("SELECT email FROM useraura WHERE email='$email'")) > 0) $error .= "Error: Email ".$email." sudah terdaftar , silahkan ulangi.<br />";
# 65. if ($koneksi_db->sql_numrows($koneksi_db->sql_query("SELECT email FROM temp_useraura WHERE email='$email'")) > 0) $error .= "Error: Email ".$email." sudah terdaftar , silahkan ulangi.<br />";
# 66. if (!nama) $error .= "Error: Formulir Nama belum diisi , silahkan ulangi.<br />";
# 67. if ($cekperaturan != "1") $error .= "You should be agree with rules and conditions of use!<br />";
# 68. if (!nama) $error .= "Error: Formulir Nama belum diisi , silahkan ulangi.<br />";
# 69. if (!password) $error .= "Error: Formulir Password belum diisi , silahkan ulangi.<br />";
Security Advisory NSOADV-2009-002
_________________________________________
_________________________________________
Title: Websense Email Security Web Administrator DoS
Severity: Low
Advisory ID: NSOADV-2009-002
Found Date: 28.09.2009
Date Reported: 01.10.2009
Release Date: 20.10.2009
Description
-----------
Several Cross Site Scripting vulnerabilities were found within Outlook Web Access (OWA) 2003/2007. An attacker can craft a malicious email which will trigger within a user's browser. Different versions of OWA and different clients (Light and Premium) have different attack vectors which can result in an attacker gaining *persistent* control over a victim's use of Outlook Web Access. An attacker would have full control and access to the victim's e-mail account. This control could be further abused by utilising techniques such as JavaScript root-kits or web worms.
Analysis
--------
Head of Digital Security Research Group
______________________
DIGITAL SECURITY
phone: +7 812 703 1547
+7 812 430 9130
e-mail: a.polyakov@dsec.ru
www.dsec.ru
www.dsecrg.com
www.pcidss.ru
Let's take one for example. Did you email secure@microsoft.com? I have
before and 100% of the time they respond.
Patches take time. They do not occur overnight. Furthermore it may
take a day for the vendor to respond to you.
This isn't about past issues, this is about this issue. A single day did
not pass between when you emailed these vendors and when you posted
here. Have you considered giving these vendors time to respond? I do
not find that 99% of them don't, rather I find that they do. Should you
#####################################################################################
===============
1) Introduction
===============
Sick of junk email? Bored of all email programs looking the same? Take a look at Eureka Email and see how different things could be...
Eureka Email has a built in junk email filter which can remove about 95% of your spam and it continually learns as it comes across new junk emails. You can customise the program so each of your friends has their own icon and sound for when they send you an email. You can also set up special accounts for your children so that they never get to see sexually explicit or offensive junk emails.
(from Eureka Mail website)
#####################################################################################