%25c double-parse vulnerability exploitable via email
From: yehuda <yehuda () essutton com>
Date: Wed, 16 May 2001 11:58:00 -0400
This may be obvious, but even if a server is not accessible to the
internet, you can exploit it via email. All you need is the following:
1 - an email address on their network. It must be one that someone will
read, and the person must be using a reader that renders HTML mail.
2 - the hostname or IP of the win2k server
All you need to do is craft an HTML email to your mail user (see 1 above)
with the %25c double-parse vulnerability as a URL in the mail message.
(Use an img tag so it will run automatically and attempt to download an
user reads the message, and blammo!
If an administrator feels he doesn't need to patch his win2k server
because it's not available on the internet, think again.
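
For defenders, the delivery path described in this post can be checked at the mail gateway. The following is an added example, not part of the original post: it scans the HTML parts of a message for URLs that a reader fetches automatically and flags those that are still percent-encoded after one round of decoding, or that point at an internal host. The AUTO_FETCH list, the internal_hosts parameter and the sample message are assumptions constructed for illustration.

```python
import ipaddress
import re
from email import message_from_string
from html.parser import HTMLParser
from urllib.parse import unquote, urlsplit

# Tag/attribute pairs a mail reader may fetch without a click (assumed list).
AUTO_FETCH = {("img", "src"), ("body", "background"), ("iframe", "src")}
ESCAPE = re.compile(r"%[0-9a-fA-F]{2}")

class UrlCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.urls = []
    def handle_starttag(self, tag, attrs):
        self.urls += [v for k, v in attrs if v and (tag, k) in AUTO_FETCH]

def is_double_encoded(url):
    """True if one round of percent-decoding still leaves %XX escapes."""
    return bool(ESCAPE.search(unquote(url)))

def is_internal(url, internal_hosts=()):
    """True for private IP literals or hostnames the caller lists as internal."""
    host = (urlsplit(url).hostname or "").lower()
    try:
        return ipaddress.ip_address(host).is_private
    except ValueError:
        return host in internal_hosts

def scan_message(raw, internal_hosts=()):
    """Return [(url, [reasons])] for suspicious auto-fetched URLs in HTML parts."""
    findings = []
    for part in message_from_string(raw).walk():
        if part.get_content_type() != "text/html":
            continue
        collector = UrlCollector()
        collector.feed(part.get_payload(decode=True).decode("utf-8", "replace"))
        for url in collector.urls:
            checks = {"double-encoded": is_double_encoded(url),
                      "internal-host": is_internal(url, internal_hosts)}
            reasons = [name for name, hit in checks.items() if hit]
            if reasons:
                findings.append((url, reasons))
    return findings

# Constructed sample: benign path, private address, one double-encoded byte.
SAMPLE = ('Content-Type: text/html\n\n'
          '<img src="http://10.0.0.5/x%255cy">'
          '<img src="http://example.com/a%20b.png">')
```

Calling scan_message(SAMPLE) reports only the first image; an ordinary externally hosted image with single-encoded characters passes.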