Vulnerability Development mailing list archives

Email webbugs

From: "abuse" <postmaster () getinfo org>
Date: Mon, 27 Aug 2001 08:12:30 -0400

One of the things that has always bothered me about Outlook Express and
Outlook is that they are susceptable to webbugs. Basically there are no
options to block confirmation of your reading an email so any spammer can
verify that your address is active as long as they can get you to just view
an email.

A lot of people have difficulty understanding exactly what this means so I
set up a demonstration page at http://www.nthelp.com/OEtest/oe.htm in an
attempt to raise awareness of this nonsense and get MS to do something about
it. I don't know if other email programs like Eudora and Netscape are
vulnerable to email webbugs so if anyone tests those please let me know the
results.

Anyway, I've made the test site available to the public now so if you want
to check your email reader, feel free.

Geo.

Current thread:

Email webbugs abuse (Aug 27)
- Re: Email webbugs Peter Pekala (Aug 27)
  - RE: Email webbugs Dom De Vitto (Aug 28)
    - Re: Email webbugs Mariano Vassallo (Aug 28)
    - Re: Email webbugs James Robbins (Aug 28)
- Re: Email webbugs ezat_t (Aug 27)
- <Possible follow-ups>
- RE: Email webbugs Javier Palomares Lopez (Aug 27)
- Re: Email webbugs edgar . mendez (Aug 27)
- Re: Email webbugs John Hicks (Aug 31)
- RE: Email webbugs Hicks, John (Aug 31)