Home page logo
/

bugtraq logo Bugtraq mailing list archives

%25c double-parse vulnerability exploitable via email
From: yehuda <yehuda () essutton com>
Date: Wed, 16 May 2001 11:58:00 -0400

        This may be obvious, but even if a server is not accessible to the
internet, you can exploit it via email. All you need is the following
information:

1 - an email address on their network. It must be one that someone will
read, and the person must be using a reader that renders html mail.
2 - the hostname or IP of the win2k server

all you need to do is craft an html email to your mail user (see 1 above)
with the %25c double-parse vulnerability as a url in the mail message.
(Use an img tag so it will run automatically and attempt to download an
"image".)

user reads the message, and blammo!

        if an administrator feels he doesn't need to patch his win2k server
because it's not available on the internet, think again.


  By Date           By Thread  

Current thread:
  • %25c double-parse vulnerability exploitable via email yehuda (May 16)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]