Vulnerability Development mailing list archives

Re: Another new worm???


From: edebill () MAIL PCORDER COM (Erik Debill)
Date: Tue, 27 Jun 2000 13:05:07 -0500


On Mon, Jun 26, 2000 at 09:23:53PM -0700, Blue Boar wrote:

> Someone had asked who uses the scripting features in e-mail clients.  If
> you count Notes, I've seen some fairly involved applications written in
> Notes.  An old employer of mine did their entire purchase order system
> in Notes.

Massive scripting combined with a very buggy client.  The features
that are /supposed/ to be there don't work reliably.  I can't imagine
they've done a good job with security.  The databases it uses to store
messages get corrupted regularly (mine just lost track of which of the
500 messages in my inbox had been read).

Don't forget that just about everything is also exposed through a web
interface - so you have an additional vector for doing bad things.
(Is it possible to create a message that appears substantially
different in the Notes client and via the web? Formatting changes.
Tables disappear.  Perhaps it would be possible to create messages
that read two different ways?)

Attacks on the replication facility would be interesting as well.
(This is a facility whereby a user can download a working copy of a
frequently used database to their local machine and then keep that
copy synchronized with the master - at the least creating
"interesting" things in the local copy would be fun.)

Erik

