BugTraq
iDEFENSE Security Advisory 04.08.05: Microsoft Multiple E-Mail Client Address Spoofing Vulnerability Apr 08 2005 07:09PM
iDEFENSE Labs (labs-no-reply idefense com) (1 replies)
RE: iDEFENSE Security Advisory 04.08.05: Microsoft Multiple E-Mail Client Address Spoofing Vulnerability Apr 09 2005 05:30PM
Larry Seltzer (larry larryseltzer com)
>>Within the SMTP header, when the From field contains multiple
comma-separated addresses, Outlook and OWA will only display the first
address.

Why is this called a "spoofing vulnerability"? It's not like the From:
address in SMTP is reliable anyway.

Larry Seltzer
eWEEK.com Security Center Editor
http://security.eweek.com/
http://blog.ziffdavis.com/seltzer
larryseltzer (at) ziffdavis (dot) com [email concealed]

[ reply ]


 

Privacy Statement
Copyright 2010, SecurityFocus