Web Application Security
Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Smarter Mail All Versions - Privilege Escalation
Feb 03 2014 08:06PM
Mark Litchfield (mark securatary com)
This attack will allow a regular SmarterMail user to elevate their
privileges to Domain Administrator.
I tried to contact Smartmail with the usual security email aliases,
apparently they do not have any. I posted to their forum for a contact
and all I got was an email stating check you are runn...
[ more ]
Copyright 2010, SecurityFocus