Bugtraq mailing list archives
RE: iDEFENSE Security Advisory 04.08.05: Microsoft Multiple E-Mail Client Address Spoofing Vulnerability
From: "Larry Seltzer" <larry () larryseltzer com>
Date: Sat, 9 Apr 2005 13:30:31 -0400
Within the SMTP header, when the From field contains multiple
comma-separated addresses, Outlook and OWA will only display the first address. Why is this called a "spoofing vulnerability"? It's not like the From: address in SMTP is reliable anyway. Larry Seltzer eWEEK.com Security Center Editor http://security.eweek.com/ http://blog.ziffdavis.com/seltzer larryseltzer () ziffdavis com
Current thread:
- iDEFENSE Security Advisory 04.08.05: Microsoft Multiple E-Mail Client Address Spoofing Vulnerability iDEFENSE Labs (Apr 09)
- RE: iDEFENSE Security Advisory 04.08.05: Microsoft Multiple E-Mail Client Address Spoofing Vulnerability Larry Seltzer (Apr 12)