[Full-disclosure] RE: Security issue in Microsoft Outlook
I was not able to duplicate this. Typing over the existing URL replaced both the displayed and link text. Could anyone else duplicate?

Keenan

-----Original Message-----
From: Bakchodiya [mailto:[EMAIL PROTECTED]
Sent: Wednesday, May 18, 2005 4:28 PM
To: bugtraq@securityfocus.com
Cc: full-disclosure@lists.grok.org.uk
Subject: Security issue in Microsoft Outlook

An issue has been discovered in MS Outlook (All Versions) where anyone can fake a URL and send it across.

How does it work:

Let's compose an email in MS Outlook, let's type http://www.cybertrion.com put a space after it to make it a link. Now put your cursor just before cybertrion and type any URL for eg: http://www.foo-labs.info now send it to anyone. The receiver will see the URL as http://www.foo-labs.info but when he clicks on it it will directly take him to http://www.cybertrion.com

I am not sure how critical this is but it can fool a lot of people and result in download of a virus.

For more details and Discovered by:
Cybertrion Systems,
http://www.cybertrion.com

___
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Re: [Full-disclosure] RE: Security issue in Microsoft Outlook
I was not able to duplicate this with Outlook 2003. Both URLs were visible, only the cybertrion URL was hotlinked, with no space in between the two. i.e.:

http://www.foo-labs.infohttp://www.cybertrion.com

On 5/23/05, Keenan Smith [EMAIL PROTECTED] wrote:
> I was not able to duplicate this. Typing over the existing URL replaced both the displayed and link text. Could anyone else duplicate?
>
> Keenan

--
ME2
http://www.santeriasys.net/
RE: [Full-disclosure] RE: Security issue in Microsoft Outlook
I was able to duplicate. After creating the url link, I put the cursor right after the 'www.' and typed in the 'foo-labs.info'. Then I deleted everything after 'info' and sent it. The link read foo-labs and went to cybertrion.

-David

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Micheal Espinola Jr
Sent: Monday, May 23, 2005 1:13 PM
To: full-disclosure@lists.grok.org.uk
Subject: Re: [Full-disclosure] RE: Security issue in Microsoft Outlook

I was not able to duplicate this with Outlook 2003. Both URLs were visible, only the cybertrion URL was hotlinked, with no space in between the two. i.e.:

http://www.foo-labs.infohttp://www.cybertrion.com
Re: [Full-disclosure] RE: Security issue in Microsoft Outlook
On Mon, May 23, 2005 at 01:25:35PM -0700, David Cleveland wrote:
> I was able to duplicate. After creating the url link, I put the cursor right after the 'www.' and typed in the 'foo-labs.info'. Then I deleted everything after 'info' and sent it. The link read foo-labs and went to cybertrion.

After much trials and tribulations, I was able to replicate this. And you know what? IT'S THE EXACT SAME RESULT AS IF SOMEONE HAD CLICKED EDIT AND CHANGED THE URL!

So, what this means is that there is a "bug" in Outlook by which one can, if one has not clicked off the link since creating it, create a link, alter it, and not have the target altered to the new URL. I say "bug" in quotes because what presumably is going on is the function that updates the target is not called, leaving the old target in there.

Is this a security risk? NO! The reporter is a troll or a moron!

Since my prior sarcasm was apparently lost on some readers, THIS IS A FEATURE OF HTML! Links can point to other places than the text in between the link tags! If they couldn't, there'd be no point to having links! If you have a problem with this, go back to using Gopher--or better yet, stop using the Internet. We'll all miss your valuable input.

Once and for all: THIS IS NOT A VULNERABILITY.

Now, can we all let this stupid thread die? Thanks and have a great day. :)

--
Dan
Re: [Full-disclosure] RE: Security issue in Microsoft Outlook
how come the troll threads are always the longest? :)

C
[Full-disclosure] RE: Security issue in Microsoft Outlook
This can fool people but it's not a bug in my opinion. It's the same as

<html> <body> <a href=http://google.com>http://yahoo.com</a> </body> </html>

You can also achieve this by typing a url and right clicking it then by clicking edit hyperlink, then you can change the values to mask it.

So this is not a bug just a feature that can be used to trick users.

David Corn
Security Consultant
Covetrix, IT Consulting Group
http://www.covetrix.com
Phone: 214-575-9583 x116
Fax: 214-575-9584
[Full-disclosure] RE: Security issue in Microsoft Outlook
That's exactly what I said earlier. The thing is this is NOT outlook specific, ANY program that allows HTML is subject to this.

<a href=someurl>fake name</a>

This is far from a security risk, HTML is a feature not a bug.

David Corn
Security Consultant
Covetrix, IT Consulting Group
http://www.covetrix.com
Phone: 214-575-9583 x116
Fax: 214-575-9584

-----Original Message-----
From: Scovetta, Michael V [mailto:[EMAIL PROTECTED]
Sent: Wednesday, May 18, 2005 5:42 PM
To: Bakchodiya; bugtraq@securityfocus.com
Cc: full-disclosure@lists.grok.org.uk
Subject: RE: Security issue in Microsoft Outlook

Sorry to shoot you down, but this isn't a security issue at all. You can do the same thing by typing some text, highlighting it, right-clicking, clicking Hyperlink, and typing an address. On the receiving end, the client will get:

<a href="http://www.foo-labs.info">http://www.cybertrion.com</a>

which is perfectly fine. They'll see after they click on the link that they're going to foo-labs. At that point, it's out of Outlook's hands.

Now, if Outlook showed in the mouseover the cybertrion.com link, then there would be a problem, but it appears to be working fine on Outlook 2003. Haven't tested previous versions, but this seems like it's working as designed.

Regards,
Michael Scovetta
Computer Associates
Senior Application Developer
[Full-disclosure] RE: Security issue in Microsoft Outlook
Outlook does that when composing an email in HTML format, where you can have any name associated to a link with a <a href> tag.

The example you give is something like

<a href="http://www.cybertrion.com"> http://www.foo-labs.info</a>

Regards,
--
Domingos Bruges
[Full-disclosure] RE: Security issue in Microsoft Outlook
Sorry to shoot you down, but this isn't a security issue at all. You can do the same thing by typing some text, highlighting it, right-clicking, clicking Hyperlink, and typing an address. On the receiving end, the client will get:

<a href="http://www.foo-labs.info">http://www.cybertrion.com</a>

which is perfectly fine. They'll see after they click on the link that they're going to foo-labs. At that point, it's out of Outlook's hands.

Now, if Outlook showed in the mouseover the cybertrion.com link, then there would be a problem, but it appears to be working fine on Outlook 2003. Haven't tested previous versions, but this seems like it's working as designed.

Regards,
Michael Scovetta
Computer Associates
Senior Application Developer
[Full-disclosure] Re: Security issue in Microsoft Outlook
You can also do that by adjusting the properties of the link. In the same way you can take any text and make it into a link. If you view mail in plain text only then it won't affect you. The link text/actual url is an HTML anchor tag:

<a href=url.you.go.to>text you see</a>
[Full-disclosure] Re: Security issue in Microsoft Outlook
How is this any different than having the text of a link say something other than the URL? This is possible in HTML (in any application) and Microsoft Office applications. For example, go into Word and type some text then highlight it, and press Ctrl+K. Then type in the URL you want. This is now a hyperlink. Also note that the tool tip should show the correct link.

This is essentially the same as the following HTML:

<A HREF="http://evil">http://safe</A>

Tom
[Full-disclosure] RE: Security issue in Microsoft Outlook
Microsoft Outlook uses HTML to display its messages, this is just a feature of that. No different than setting up link redirection and hiding the ultimate destination on a webpage. Additionally it is similar to having the alternate text, address and extra info about a link modified in the status bar of a browser.

I see no security problem here, and if you feel like avoiding this problem completely just disable the display of HTML code in the messages you receive with Microsoft Outlook.

Regards,
Simon Dever
IT Consultant
Australia
[Full-disclosure] Re: Security issue in Microsoft Outlook
you can also do it with HTML. eg.

<a href="http://www.cybertrion.com">http://www.foo-labs.info</a>

and in addition you can change the text which is shown when the cursor is over the link:

<a href="http://www.cybertrion.com" alt="http://www.foo-labs.info">http://www.foo-labs.info</a>

Sorry for my bad english.

--
Jens Becker
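A receiving-side check for the mismatch discussed in this thread (link text that reads as one URL while the href points at another host), added here as an example and not part of any poster's message. The function and class names and the .example hosts in the sample body are assumptions made for the illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

# Text that a reader would take for a web address.
URL_LIKE = re.compile(r"(?:https?://|www\.)[^\s<>\"']+", re.I)


def host_of(url):
    """Normalised host of an http(s) URL; '' when there is no such host."""
    url = url.strip().rstrip(".,;:!?)")
    if url.lower().startswith("www."):
        url = "http://" + url
    try:
        parts = urlsplit(url)
        host = (parts.hostname or "").lower().rstrip(".")
    except ValueError:
        return ""
    if parts.scheme not in ("http", "https"):
        return ""
    return host[4:] if host.startswith("www.") else host


class LinkAuditor(HTMLParser):
    """Collects (where, shown_host, target_host) for every misleading anchor."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.findings = []
        self._open = None   # (href, hover attributes) while inside <a>...</a>
        self._text = []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            a = dict(attrs)
            # Browsers render title as the hover tooltip; alt is checked as
            # well because the thread mentions it.
            hover = {k: a[k] for k in ("title", "alt") if a.get(k)}
            self._open = (a.get("href") or "", hover)
            self._text = []

    def handle_data(self, data):
        if self._open is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a":
            self.flush()

    def flush(self):
        if self._open is None:
            return
        href, hover = self._open
        target = host_of(href)   # '' for mailto:, javascript:, relative links
        shown = {"text": "".join(self._text), **hover}
        for where, value in shown.items():
            for candidate in URL_LIKE.findall(value):
                seen = host_of(candidate)
                if seen and seen != target:
                    self.findings.append((where, seen, target))
                    break
        self._open = None


def audit_links(html_body):
    auditor = LinkAuditor()
    auditor.feed(html_body)
    auditor.close()
    auditor.flush()   # an anchor left unclosed at end of input still counts
    return auditor.findings


# Constructed sample body; the .example hosts are placeholders.
SAMPLE_BODY = """
<p><a href="http://www.target.example">http://www.shown.example</a></p>
<p><a href="http://www.target.example" alt="http://www.shown.example">http://www.shown.example</a></p>
<p><a href="http://www.target.example">Click here</a></p>
<p><a href="http://www.target.example/login">www.target.example</a></p>
"""

if __name__ == "__main__":
    for where, seen, target in audit_links(SAMPLE_BODY):
        print(f"{where}: shows {seen!r} but links to {target!r}")
```

Only anchors whose visible text or hover attribute itself looks like a URL are flagged, so ordinary "Click here" links pass; a mail gateway or client plug-in would run this over the HTML part of each message.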
[Full-disclosure] RE: Security issue in Microsoft Outlook
Doesn't seem to be a problem in Outlook 2003. I made one for http://www.vncscan.com and then followed your instructions to change it to www.hackme.com and it still went to hackme.com.

- Steve Bostedor
http://www.vncscan.com
The Real VNC Manager
[Full-disclosure] Re: Security issue in Microsoft Outlook
I must be missing something here. When I create an email with outlook with http://www.cybertrion.com<sp> and then arrow back to in front of cybertrion and enter http://www.foo-labs.info my url ends up looking like

http://www.http://www.foo-labs.infocybertrion.com

and that is what gets sent and received by the recipient. I'm apparently not doing this correctly or maybe it's in the way you have your Outlook editing set up.

Kevin
[Full-disclosure] Re: Security issue in Microsoft Outlook
I could not reproduce this using Outlook 2000 (9.0.0.2711). FYI

Mario Moreno
-
...everyone thinks of changing the world, but few think of changing themselves. -L. Tolstoy
Re: [Full-disclosure] Re: Security issue in Microsoft Outlook
On Wed, May 18, 2005 at 10:07:54PM -0700, Harshad wrote:
> This issue was originally discovered by Harry from http://www.securityalertz.com http://www.Harry-Inc.com
>
> The article is stolen from http://www.securityalertz.com/Article805.html posted on May 06 2005
>
> ..Lol
> the poser below copies most of the articles from Securityalertz on his so called security sites claiming them to be his
>
> Bakchodiya [EMAIL PROTECTED] wrote:
> > An issue has been discovered in MS Outlook (All Versions) where anyone can fake a URL and send it across.
> >
> > How does it work:
> >
> > Let's compose an email in MS Outlook, let's type http://www.cybertrion.com put a space after it to make it a link. Now put your cursor just before cybertrion and type any URL for eg: http://www.foo-labs.info now send it to anyone. The receiver will see the URL as http://www.foo-labs.info but when he clicks on it it will directly take him to http://www.cybertrion.com
> >
> > I am not sure how critical this is but it can fool a lot of people and result in download of a virus.

Erm... do you *want* to admit to 'discovering' this? ;-)

Joachim
[Full-disclosure] RE: Security issue in Microsoft Outlook
This is very unclear. Which version of Outlook? Plain text, HTML, or Rich text? Fully patched? I've tried it using Outlook 2002 with plain text and with HTML and I always end up getting emails that look like:

http://www.http://www.foo-labs.infocybertrion.com

Gary Love