Re: [Full-Disclosure] Thomas E Cooper/Boulder/IBM is out of the office.
From: Jason (security@brvenik.com)
Date: 04/17/03
- Previous message: Len Rose: "[Full-Disclosure] [sean@donelan.com: DoS and cable cuts take toll on entire country of Pakistan]"
- In reply to: Valdis.Kletnieks@vt.edu: "Re: [Full-Disclosure] Thomas E Cooper/Boulder/IBM is out of the office."
- Next in thread: Neeko Oni: "Re: [Full-Disclosure] Thomas E Cooper/Boulder/IBM is out of the office."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: Jason <security@brvenik.com> To: full-disclosure@lists.netsys.com Date: Wed, 16 Apr 2003 21:50:07 -0400
I hate to use IBM as an example but I sent a message last week with a
bit about these OOTO messages and leakage of information / target
aquisition.
No X-Mailer but the Thomas E Cooper/Boulder/IBM suggests Notes pretty
strongly, there are a few other possibilities but I believe they are all
extremely old mailers. It is IBM, duh! I think there is no real need to
ask what they are using just what version.
A google for "X-MIMETrack: Serialize by Router" and "IBM" promptly
points us to http://www.omg.org/issues/issue4397.txt
which contains a quite dated X-Mailer confirming notes
X-Mailer: Lotus Notes Release 5.0.5 September 22, 2000
but a few links down there is the very promising archived message
http://lists.w3.org/Archives/Public/www-forms/2003Apr/0037.html
relevant bits
> Date: Fri, 11 Apr 2003 14:31:07 -0400
> X-Mailer: Lotus Notes Release 6.0 September 26, 2002
> X-MIMETrack: Serialize by Router on D01ML233/01/M/IBM(Release 6.0.1
> [IBM]|April 9, 2003) at
> 04/11/2003 14:31:09,
> Serialize complete at 04/11/2003 14:31:09
So not a definitive answer but a high probability of Lotus Notes Release
6.0.0 or 6.0.1 is in use.
Off to http://icat.nist.gov/icat.cfm I go
Plug in Lotus Notes and click "One Year"
only 4 known potentials this year with a low probability of success in
this case unless it is still 6.0.0, suprisingly a mentioned vector is email.
http://marc.theaimsgroup.com/?l=bugtraq&m=104550124032513&w=2
This is all public information from public archives and only 10 minutes
of search and type.
-J
Valdis.Kletnieks@vt.edu wrote:
> On Wed, 16 Apr 2003 14:14:26 EDT, Michael Scheidell said:
>
>>>
>>>I will be out of the office starting April 16, 2003 and will not return
>>>until April 21, 2003.
>>>
>>>I will respond to your message when I return.
>>
>>Cool... is your house empty too?
>
>
> Amazingly enough, his message didn't leak an X-Mailer: line.
>
> The previous person to do that to me leaked this:
>
> X-Mailer: Internet Mail Service (5.5.2655.55)
>
> Hmm... Who wants to do a cross-correlate of that to vulnerabilities that
> we could leave in their inbox for when they get back and are likely to
> open things without being careful because they're buried in messages?
>
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- Previous message: Len Rose: "[Full-Disclosure] [sean@donelan.com: DoS and cable cuts take toll on entire country of Pakistan]"
- In reply to: Valdis.Kletnieks@vt.edu: "Re: [Full-Disclosure] Thomas E Cooper/Boulder/IBM is out of the office."
- Next in thread: Neeko Oni: "Re: [Full-Disclosure] Thomas E Cooper/Boulder/IBM is out of the office."
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
