Bugtraq mailing list archives
RE: PING: Outlook 2003 Spam
From: "http-equiv () excite com" <1 () malware com>
Date: Fri, 4 Jun 2004 17:14:06 -0000
I think Mark might be onto something both the vml and the copies of named files in the temp folder no longer appear to occur: http://www.securityfocus.com/bid/10323 http://www.securityfocus.com/bid/10307 Those notes are dated 10th and 11th May. On the machine they no longer work on, we have a couple XP so-called 'patches' from 14th May and 17th May with a 3 or 4 office update folders with files created on 17th May as well. How's that for service. Quick, silent patching ! No need to bother anyone ! Well done lads. [unless of course if our little XP test machines are broken and we are seeing things] "Spencer, Mark" <mspencer () evidentdata com> said:
Hello, A coworker and I spent much of the day yesterday trying to
replicate
this behavior and we were not able to do so. The only time we
can get
Outlook 2003 to pull anything from our server with this code
is when we
send the email within our own MS Exchange. We've tried
multiple
clients, multiple SMTP servers, and many variations of the
code below
and have not been successful, other than emails sent between
Exchange
users. I have not seen any other comments on this issue. Is it
possible
Microsoft has already patched Outlook 2003 to only allow this
behavior
when dealing with a trusted zone? Mark -----Original Message----- From: http-equiv () excite com [mailto:1 () malware com] Sent: Tuesday, May 11, 2004 8:42 AM To: bugtraq () securityfocus com Cc: NTBugtraq () listserv ntbugtraq com Subject: PING: Outlook 2003 Spam Tuesday, May 11, 2004 Outlook 2003 the premier mail client from the company
called 'Microsoft'
certainly appears to have a lot of security features built
into it.
Cursory examination shows excellent thought into 'spam'
containment,
'security' consideration and many other little 'things'. So
much so the
default rendering of html is in so-called 'restricted zone'
which
disallows nearly everything [frames, iframes, objects,
scripting etc.].
In addition 'special' spam measures are taken to disallow
graphic
downloads from a remote server in html email which can be used
to verify
recipients: [screen shot: http://www.malware.com/duhlook.png 40KB] The Key Word is: nearly Utilising Outlook's own bizarre scheMAH ! which comprises
a 'proper'
frame along with an src pointing to our remote server, we are
able to
ping the server and confirm our recipient has viewed our
email. We don't
require graphics or frames or iframes to do that: <v:vml frame style="LEFT: 50px; WIDTH: 300px; POSITION: relative; TOP: 30px; HEIGHT: 200px" src = "http://www.malware.com/duh.txt#malware"></v:vmlframe> <HTML> <HEAD> <STYLE> v\:* { behavior: url(#default#VML); } </STYLE> <XML:NAMESPACE NS="urn:schemas-microsoft-com:vml" PREFIX="v"/>
</HEAD>
Notes: 1. We now commence our examination of the Microsoft Office
2003 suite,
we're a bit late, but it has taken all this time to save up to
buy the
thing 2. Quick 72 hour prodding reveals that this 'perceived'
premier
device known as Outlook 2003 is in fact riddled with holes 3.
Do not
receive or open any emails period. Use string and tin cans if
you must
communicate End Call -- http://www.malware.com
-- http://www.malware.com
Current thread:
- RE: PING: Outlook 2003 Spam Spencer, Mark (Jun 04)
- RE: PING: Outlook 2003 Spam http-equiv () excite com (Jun 04)