Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: RE:Re: RE: FWD: Internet Explorer URL parsing vulnerability

From: "Clint Bodungen" <clint () secureconsulting com>
Date: Wed, 10 Dec 2003 11:22:10 -0600
I've been getting spam accusation bouncebacks from about 4 people now on this thread.  Seems like the entire City of 
Ft. Worth, TX has a nice big brother in place:

The City of Fort Worth has implemented a spam filter.
If you are receiving this message the original e-mail was
determined to be spam and not delivered to its destination.

If this mail is not spam please contact postmaster () fortworthgov org.

Why the filter thinks this is SPAM:
Message scored 5.5 out of a required 5.0 positive tests.

 3.1 USERPASS               URI: URL contains username and (optional) password
 2.4 HTTP_ESCAPED_HOST      URI: Uses %-escapes inside a URL's hostname

  ----- Original Message ----- 
  From: Exibar 
  To: full-disclosure () lists netsys com 
  Sent: Wednesday, December 10, 2003 10:32 AM
  Subject: Re: RE:Re: [Full-disclosure] RE: FWD: Internet Explorer URL parsing vulnerability


  I'll bet that this guy doesn't get half of the e-mail he's expecting.....
    ----- Original Message ----- 
    From: AntiSpam UOL 
    To: exibar 
    Sent: Wednesday, December 10, 2003 11:24 AM
    Subject: RE:Re: [Full-disclosure] RE: FWD: Internet Explorer URL parsing vulnerability


           
                   
                Olá,

                Você enviou uma mensagem para igorcarboni () uol com br
                Para que sua mensagem seja encaminhada, por favor, clique aqui

                 
                Esta confirmação é necessária porque igorcarboni () uol com br usa o Antispam UOL, um programa que 
elimina mensagens enviadas por robôs, como pornografia, propaganda e correntes.

                As próximas mensagens enviadas para igorcarboni () uol com br não precisarão ser confirmadas*.
                *Caso você receba outro pedido de confirmação, por favor, peça para igorcarboni () uol com br incluí-lo 
em sua lista de autorizados.

                      Atenção! Se você não conseguir clicar no atalho acima, acesse este endereço:
                      
http://tira-teima.as.uol.com.br/challengeSender.html?data=0C%2BUJvHozYJSDqZeA8HoOXNcbzbyiHEE3QzKqhfTF1HUOTBn1aqyyGwiKIDeJjPbp0yF0rvLLtZ6%0AsFFiP8xdcyjr4oCMD52UFgokem8uLA2kizdJ9sULFX2k6qEGIpi9M9tWre91YYEGWxvTFakHfCXx%0AeHSlqe1A81RX54%2B4dtQ7lvqbPrYbrDL05uyupFnrKCrmLQ3YFLlWOhxOWFK6nw%3D%3D
 
               
         

----------------------------------------------------------------------
         
                   
                Hi,

                You´ve just sent a message to igorcarboni () uol com br
                In order to confirm the sent message, please click here

                 
                This confirmation is necessary because igorcarboni () uol com br uses Antispam UOL, a service that 
avoids unwanted messages like advertising, pornography, viruses, and spams.

                Other messages sent to igorcarboni () uol com br won't need to be confirmed*.
                *If you receive another confirmation request, please ask igorcarboni () uol com br to include you in 
his/her authorized e-mail list.

                      Warning! If the link doesn´t work, please copy the address below and paste it on your browser:
                      
http://tira-teima.as.uol.com.br/challengeSender.html?data=0C%2BUJvHozYJSDqZeA8HoOXNcbzbyiHEE3QzKqhfTF1HUOTBn1aqyyGwiKIDeJjPbp0yF0rvLLtZ6%0AsFFiP8xdcyjr4oCMD52UFgokem8uLA2kizdJ9sULFX2k6qEGIpi9M9tWre91YYEGWxvTFakHfCXx%0AeHSlqe1A81RX54%2B4dtQ7lvqbPrYbrDL05uyupFnrKCrmLQ3YFLlWOhxOWFK6nw%3D%3D
 
               

         
          Use o AntiSpam UOL e proteja sua caixa postal
Previous By Date Next
Previous By Thread Next

Current thread: