[Full-Disclosure] iName/Mail.com security holes opens door to millions of e-mail accounts

From: Andrew G. Tereschenko (full-disclosure@lists.netsys.com)
Date: 08/30/02 

From: full-disclosure@lists.netsys.com (Andrew G. Tereschenko)
Date: Fri, 30 Aug 2002 14:54:12 +0300

----- Original Message -----
From: "Colt Peacemaker" <colt45@sdf.lonestar.org>
Sent: Friday, August 30, 2002 8:46 AM

> Heh. Posting on full-disclosure seems to have set the cat among the
> pigeons there ...
>
> AFAICT they seem to have disabled a lot of other stuff over the last 12
> hours or so (javascript for example).

Disagree. They was unable to completely fix HTML attachment bug.
Mail.com has all bugs discovered in other free email systems for last 2-3 years.
I still have example replacing down group of buttons and firing javascript
in onSubmit event
Mail.com has changed /scripts/common/profile.cgi script. (finaly !!).
But i still think that it's possible to get session cookies and use them for evil purpose.

I give ~15 hours to Mail.com to find solution and will
update my example email if they will fail.

As for a javascript - only minor changes was made.
Not a complete solution. 

--
Andrew G. Tereschenko
TAG Software Research Lab
Odessa, Ukraine
Quantcast