[Tickets #14748] mailsploit vulnerability
noreply at bugs.horde.org
noreply at bugs.horde.org
Tue Dec 5 21:47:17 UTC 2017
BITTE NICHT AUF DIESE NACHRICHT ANTWORTEN. NACHRICHTEN AN DIESE
E-MAIL-ADRESSE WERDEN NICHT GELESEN.
Ticket-URL: https://bugs.horde.org/ticket/14748
------------------------------------------------------------------------------
Ticket | 14748
Erstellt Von | sca at andreasschulze.de
Zusammenfassung | mailsploit vulnerability
Warteschlange | IMP
Version | 6.2.21
Typ | Bug
Status | Unconfirmed
Priorität | 1. Low
Milestone |
Patch |
Zuständige |
------------------------------------------------------------------------------
sca at andreasschulze.de (2017-12-05 21:47) hat geschrieben:
many client are affected by 'mailsploit': https://www.mailsploit.com/index
Basically the attacker uses special characters inside encoded words to
spoof the sender:
From:
=?utf-8?b?cG90dXNAd2hpdGVob3VzZS5nb3Y=?==?utf-8?Q?=00?==?utf-8?b?cG90dXNAd2hpdGVob3VzZS5nb3Y=?=@mailsploit.com
Such header naively decoded incorrectly is:
potus at whitehouse.gov\0potus at whitehouse.gov@mailsploit.com
IMP fail to decode / parse the RFC5322.From Header correctly
sca at andreasschulze.de (2017-12-05 21:47) hat hochgeladen: mailsploit.png
https://bugs.horde.org/h/services/download/?app=whups&actionID=download_file&file=mailsploit.png&ticket=14748&fn=%2Fmailsploit.png
More information about the bugs
mailing list