oss-sec mailing list archives
Re: spoofing of local email sender via a homoglyph attack
From: John Haxby <john.haxby () oracle com>
Date: Thu, 23 Apr 2020 21:21:35 +0100
On 23 Apr 2020, at 19:12, Solar Designer <solar () openwall com> wrote: Does anyone see any reasonable action on these (non-)issues? If not, I think the CVE should be rejected. It's a case of "works as intended."
Yep. I agree. I don't see this as an issue at all -- it's the way SMTP works, basically. jch
Use CVE-2020-12063.Alexander
Current thread:
- spoofing of local email sender via a homoglyph attack PromiseLabs Pentest Research (Apr 23)
- Re: spoofing of local email sender via a homoglyph attack Solar Designer (Apr 23)
- Re: spoofing of local email sender via a homoglyph attack PromiseLabs Pentest Research (Apr 23)
- Re: spoofing of local email sender via a homoglyph attack Solar Designer (Apr 23)
- Re: spoofing of local email sender via a homoglyph attack PromiseLabs Pentest Research (Apr 23)
- Re: spoofing of local email sender via a homoglyph attack Solar Designer (Apr 23)
- Re: spoofing of local email sender via a homoglyph attack Jeremy Stanley (Apr 23)
- Re: spoofing of local email sender via a homoglyph attack John Haxby (Apr 23)
- Re: spoofing of local email sender via a homoglyph attack PromiseLabs Pentest Research (Apr 23)
- Re: spoofing of local email sender via a homoglyph attack Wietse Venema (Apr 23)
- Re: spoofing of local email sender via a homoglyph attack Solar Designer (Apr 23)
- Re: spoofing of local email sender via a homoglyph attack Claus Assmann (Apr 23)
- Re: spoofing of local email sender via a homoglyph attack Stuart D. Gathman (Apr 23)