Re: Out of Office AutoReply: Snort Signature to det ect credit cards

["Fredrick Diggle" <fdiggle () gmail com>]

Fredrick Diggle would like to disclose a vulnerability in email auto
responders. Using these auto responders causes information disclosure
that the victim is currently not in the office. an attacker could use
this information to know when a victim is not in the office and XSS
their browser for fun and profit.

On Fri, May 9, 2008 at 6:45 AM, Nick FitzGerald
<nick () virus-l demon co uk> wrote:
> Randal T. Rioux to Bill West:
>
>
>  > > I am no longer on-site full time and have limited access to e-mail. I will
>  > > respond to you as soon as I can. If your issue is an emergency, please use
>  > > the contacts below.
>  <<snip>>
>
> >
>  > Did I mention the social engineering treasures sent around the world with
>  > each one? Do you really work in security?
>
>  Maybe this kind of thing is why he no longer...
>
>
>
>  Regards,
>
>  Nick FitzGerald
>
>
>
>
>  _______________________________________________
>  Full-Disclosure - We believe in it.
>  Charter: http://lists.grok.org.uk/full-disclosure-charter.html
>  Hosted and sponsored by Secunia - http://secunia.com/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/