Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos network security services platform







Bugtraq: [Hackers Center Security Group] Sqwebmail Http Splitting Vulnerability

[Hackers Center Security Group] Sqwebmail Http Splitting Vulnerability

From: Zinho <zinho_at_hackerscenter.com>
Date: 25 Apr 2005 21:34:10 -0000
('binary' encoding is not supported, stored as-is) Hackers Center Security Group (http://www.hackerscenter.com/)
Zinho's Security Advisory

Desc: Http Splitting leads to email account stealing
Product: SQWebmail
Risk: High

A dangerous http splitting attack can be taken against mailboxes that use Sqwebmail as web mail interface. Anyone can send a malformed link in the email body and stealing session cookie and passwords.

Proof of concept:
///
sqwebmail?redirect=%0d%0a%0d%0a[INJECT SCRIPT]

///

Vendor should patch this issue soon as anyone can attack a user directly.

Author:
Zinho is webmaster and founder of http://www.hackerscenter.com ,
Security research portal
Secure Web Hosting Companies Reviewed:
http://www.securityforge.com/web-hosting/secure-web-hosting.asp

zinho-no-spam @ hackerscenter.com
Received on Apr 26 2005

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]