On Thu, Apr 25, 2013 at 09:47:09AM -0500, Derek Martin wrote:
> On Thu, Apr 25, 2013 at 02:36:03AM +0200, Vincent Lefevre wrote:
> > On 2013-04-24 19:04:12 -0500, Derek Martin wrote:
> > This happens when mail is sent locally on the machine.
>
> You're wrong again--it happens whenever the recipient's mail server
> is the SMTP machine which receives the mail, such as at many sites
> which use Windows clients with SMTP outgoing and IMAP incoming--but
> even if you're right, that's more than enough. Many people who use
> Mutt are college students who are using mutt on their local university
> server.

In "normal" e-mail operations, this may be dependent on the behavior of the mail client, i.e. if it sends separate messages for each recipient. In an attack, this is not interesting. The attacker is at your site (he must be, in order to effect a temp file attack). So, he can either send the message to the target and himself from your machine, or he can just telnet to your SMTP server and write the message by hand. The point is, in exactly the circumstances where a temporary file attack would be possible, it is TRIVIAL for an attacker to get an exact copy of a message sent to the target.

-- 
Derek D. Martin http://www.pizzashack.org/
GPG Key ID: 0xDFBEAD02
-=-=-=-=-
This message is posted from an invalid address. Replying to it will result in undeliverable mail due to spam prevention. Sorry for the inconvenience.