[Full-Disclosure] iName/Mail.com security holes opens door to millions of e-mail accounts
From: Andrew G. Tereschenko (full-disclosure@lists.netsys.com)
Date: 08/29/02
From: full-disclosure@lists.netsys.com (Andrew G. Tereschenko) Date: Thu, 29 Aug 2002 14:50:52 +0300
Thanks, Colt, for the note.
It was fixed by replacing the body tag with xbody.
But the game still runs.
It takes me 6 minutes to invent another example of this bug.
Not a 100% result, expected ~30%.
It's extremely easy to cut navigation items from the bottom of the page
by using unclosed comments.
Inserting one's own (linked to an evil host) is a one-minute task.
The current sample will work if the user uses
the group of buttons located at the bottom of the email.
I think a lot of other samples can be used.
Mail.com failed to correctly show HTML attachments.
Nobody is perfect,
--
Andrew G. Tereschenko
TAG Software Research Lab
Odessa, Ukraine
secure@tag.odessa.ua

P.S. Just for the record: Ukraine is a fully independent country.

----- Original Message -----
From: "Colt Peacemaker" <colt45@sdf.lonestar.org>
Sent: Thursday, August 29, 2002 12:22 PM

> Looks fixed to me. At least, it doesn't work for me when I try... <BODY>
> and other HTML tags seem to be streng verboten there at any rate.

[skipped]
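
The failure mode discussed in this message, as an added example that is not part of the original post or Mail.com's code: a tag-rename filter leaves an unterminated comment untouched, so a webmail renderer needs a separate check before it embeds message HTML in its own page. The function names, the rename filter (modelled on the body-to-xbody fix mentioned above) and the sample fragment are all constructed for illustration.

```python
import html
import re

# Constructed sample: message HTML that ends inside a comment that is never closed.
SAMPLE = "<body>Monthly report attached.</body> <!-- note"


def rename_body_tag(fragment: str) -> str:
    """Hypothetical denylist filter: rewrite <body>/</body> to <xbody>/</xbody>."""
    return re.sub(r"(?i)<(/?)body\b", r"<\1xbody", fragment)


def unterminated_comment_offset(fragment: str) -> int:
    """Return the offset of the first comment opener with no closing '-->', or -1.

    The search for '-->' starts after the full '<!--' opener, so short forms
    such as '<!-->' are reported as unterminated. That errs toward escaping.
    """
    pos = 0
    while True:
        start = fragment.find("<!--", pos)
        if start == -1:
            return -1
        end = fragment.find("-->", start + 4)
        if end == -1:
            return start
        pos = end + 3


def embed_untrusted(fragment: str) -> str:
    """Prepare message HTML for embedding in the surrounding webmail page.

    If a comment would stay open past the end of the message (and swallow the
    page markup that follows it), the whole fragment is escaped to plain text.
    """
    filtered = rename_body_tag(fragment)
    if unterminated_comment_offset(filtered) != -1:
        return html.escape(filtered)
    return filtered


if __name__ == "__main__":
    print(rename_body_tag(SAMPLE))   # rename alone keeps the open comment
    print(embed_untrusted(SAMPLE))   # escaped, so it renders as inert text
```

This check covers only the comment case raised in the message; an allowlist-based HTML sanitizer is the more general control.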