Vulnerability Development mailing list archives
Re: The Dangers of Email Archives
From: zeno <bugtraq () cgisecurity net>
Date: Thu, 25 Oct 2001 13:53:37 +0000 (GMT)
You have to admit the distributed factor on this as compared to message board or guestbook hacking is much greater. You figure if 5 million sites archive email maybe 800,000 run effected software. 10 people visit a message with nasty javascript on it on each site. The numbers can get rather large... Also the SSI factor could cause alot of headache's if its enabled, and the tags aren't stripped. - zeno
While this product itself doesn't have a hole in it; it is often used to help to translate mail for other archiving software. I've seen in some examples that email was translated with this tool and archived with other software, and html tags where translated/executed as normal..There are lots of reasonably similar flaws. I scared the **** out of myself when I got a javascript error while reading the Nimda analysis posted to securityfocus.com. Parts were generated by just putting <pre> around the relevant code from Nimda, but IE is more than happy to interpret <script> within <pre>, which caused me to worry that the securityfocus.com page had been rewritten by Nimda, until I looked a bit closer. Be very, very careful how you deal with converting text to html and back. Tim Hollebeek Research Scientist Cigital Labs
Current thread:
- The Dangers of Email Archives bugtraq (Oct 25)
- <Possible follow-ups>
- RE: The Dangers of Email Archives Tim Hollebeek (Oct 25)
- Re: The Dangers of Email Archives zeno (Oct 25)