Full Disclosure mailing list archives
Re: Out of Office AutoReply: Snort Signature to det ect credit cards
From: "Fredrick Diggle" <fdiggle () gmail com>
Date: Sun, 11 May 2008 01:07:49 -0500
Fredrick Diggle would like to disclose a vulnerability in email auto responders. Using these auto responders causes information disclosure that the victim is currently not in the office. an attacker could use this information to know when a victim is not in the office and XSS their browser for fun and profit. On Fri, May 9, 2008 at 6:45 AM, Nick FitzGerald <nick () virus-l demon co uk> wrote:
Randal T. Rioux to Bill West: > > I am no longer on-site full time and have limited access to e-mail. I will > > respond to you as soon as I can. If your issue is an emergency, please use > > the contacts below. <<snip>>> Did I mention the social engineering treasures sent around the world with > each one? Do you really work in security? Maybe this kind of thing is why he no longer... Regards, Nick FitzGerald _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Out of Office AutoReply: Snort Signature to det ect credit cards Randal T. Rioux (May 09)
- Re: Out of Office AutoReply: Snort Signature to det ect credit cards Nick FitzGerald (May 09)
- Re: Out of Office AutoReply: Snort Signature to det ect credit cards Fredrick Diggle (May 11)
- Re: Out of Office AutoReply: Snort Signature to det ect credit cards Nick FitzGerald (May 09)