[NEWS] Mail Essentials Reveals Identity of First BCC Recipient
From: support@securiteam.com
Date: 12/14/01
From: support@securiteam.com To: list@securiteam.com Date: Fri, 14 Dec 2001 16:26:41 +0100 (CET)
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
Mail Essentials Reveals Identity of First BCC Recipient
------------------------------------------------------------------------
SUMMARY
A possible privacy vulnerability has been found in Mail Essentials from GFI
Software (<http://www.gfisoftware.com/me/mesfeatures.htm>). The address of
the first BCC recipient is inserted into the e-mail's standard headers, so
anyone who inspects the full headers of the delivered message learns it.
DETAILS
Vulnerable systems:
Mail essentials 5
Immune systems:
Mail essentials 2000
Headers that are handled by Mail Essentials have been found to contain the
following (a single folded Received: header, continuation lines indented):

  Received: From mail.server by other.server
      Mail essentials (server 2.422) with SMTP id: <513@mail.server> for
      <bcc_person@address>; Wed, 29 Aug 2001 16:19:12 +0100 smtp mail from
      <originator@address>
The 'bcc_person@address' is, presumably, the first person on the BCC list.
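The leak can be checked for on the receiving side. The following is an added example, not code from SecuriTeam or GFI: it parses a message with the Python standard library, collects every address named in a "for <...>" clause of a Received: header, and reports those that do not appear in To: or Cc:. The sample message, its hostnames and addresses are constructed to mirror the header shape quoted above.

```python
"""Flag Received: headers that disclose a recipient absent from To:/Cc:.

Added example for this advisory (not GFI's or SecuriTeam's code). Standard
library only; the sample message below is constructed, with made-up hosts
and addresses that mimic the leaked header quoted in the advisory.
"""
import re
from email import message_from_string
from email.utils import getaddresses

# The "for <addr>" clause that relays put into Received: headers.
FOR_CLAUSE = re.compile(r"\bfor\s+<([^>]+)>", re.IGNORECASE)


def visible_recipients(msg):
    """Lower-cased set of addresses in To:, Cc: and their Resent- variants."""
    values = []
    for name in ("To", "Cc", "Resent-To", "Resent-Cc"):
        values.extend(msg.get_all(name, []))
    return {addr.lower() for _, addr in getaddresses(values) if addr}


def received_for_addresses(msg):
    """Addresses named in the 'for <...>' clause of every Received: header."""
    found = []
    for value in msg.get_all("Received", []):
        # Join folded continuation lines so a clause split across lines is seen.
        flat = " ".join(value.split())
        found.extend(a.lower() for a in FOR_CLAUSE.findall(flat))
    return found


def leaked_recipients(raw_message):
    """Sorted list of Received:-disclosed addresses not visible in To:/Cc:.

    A non-empty result means a reader of the full headers learns an address
    (for instance a Bcc recipient) that the sender did not intend to expose.
    """
    msg = message_from_string(raw_message)
    return sorted(set(received_for_addresses(msg)) - visible_recipients(msg))


# Constructed sample: the relay wrote the first Bcc address into Received:.
SAMPLE = """\
Received: from mail.example by other.example
\tMail essentials (server 2.422) with SMTP id: <513@mail.example> for
\t<bcc_person@example.net>; Wed, 29 Aug 2001 16:19:12 +0100 smtp mail from
\t<originator@example.org>
From: originator@example.org
To: alice@example.net, "Bob" <bob@example.net>
Subject: quarterly numbers

body
"""

if __name__ == "__main__":
    print(leaked_recipients(SAMPLE))  # ['bcc_person@example.net']
```

The check is deliberately conservative: the "for" clause legitimately names the envelope recipient of that hop, which for a normal To: or Cc: recipient is already visible, so only addresses missing from the visible recipient list are reported. A gateway operator can run it over outbound mail as a regression test after upgrading, since the vendor response below states the condition is version specific.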
Vendor response:
The following response has been received from GFI:
"GFI has received a report that Mail essentials 5, an email content
checking and anti-virus gateway, has an issue where in some cases an email
in the Bcc field is stored in the Internet headers.
GFI would like to clarify that this problem exists only in Mail essentials
5, which is an old version of the product. GFI already has an upgrade to
Mail essentials 5 and customers can upgrade to the latest version for
free; this has been the case for the past year.
It is important to note that, although the Bcc is saved in the email, it
is saved in a section of the SMTP Internet headers - which the email
client does not show by default; for users to see this information, they
must open the email in a detailed view. Also, this problem arises only in
2 cases, the first case being when an email is sent with approximately 100
emails in the To field and 2 or more emails in the Bcc field, and the
second when an email is sent with no recipients in the To field and with
2 or more recipients in the Bcc field."
ADDITIONAL INFORMATION
The information has been provided by Ronan Waide <ronan.waide@euroconex.com>.
========================================
This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com
====================
DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.