
List:       bugtraq
Subject:    Re: Serious Security Hole in Hotmail
From:       "Jonathan A. Zdziarski - Systems Administrator" <jonz () CARTMAN ! NETRAIL ! NET>
Date:       1998-08-25 20:31:47

It appears that Hotmail put in a fix for this by s/<script>/<comment>/ or
some variation, when you view a message.

On Tue, 25 Aug 1998, Jeff Mcadams wrote:

> Thus spake Tom Cervenka
>
> >We have just found a serious security hole in Microsoft's Hotmail
> >service (http://www.hotmail.com) which allows malicious users to easily
> >steal the passwords of Hotmail users. The exploit involves sending an
> >e-mail message that contains embedded javascript code. When a Hotmail
> >user views the message, the javascript code forces the user to re-login
> >to Hotmail. In doing so, the victim's username and password are sent to
> >the malicious user by e-mail. (see
> >http://www.because-we-can.com/hotmail/default.htm for demo)
>
> This is a variation on the Spartan Horse announced by Dan Gregorie over
> a week ago, and covered on news.com on the 14th.  The Spartan Horse is
> available for viewing at:
> http://www.thetopoftheworld.com
> The news.com article is at:
> http://www.news.com/News/Item/0,4,25274,00.html?st.ne.fd.gif.d
>
> The variation is that the Spartan Horse, as designed on the
> www.thetopoftheworld.com site, mimics the Windows95/98
> Dial-Up-Networking dialog box.
>
> This wasn't originally sent to BUGTRAQ because it doesn't exploit a
> specific flaw in programming code in any software, like this "Hot"Mail
> exploit.  Perhaps that was an oversight on Dan's and my part, but I
> did want to set the record straight on the origination of this idea for
> Dan's sake.
> --
> Jeff McAdams                            Email: jeffm@iglou.com
> Head Network Administrator              Voice: (502) 966-3848
> IgLou Internet Services                        (800) 436-4456
>

Thank you,

Jonathan A. Zdziarski
Senior Systems Administrator
Netrail, Inc.
888.NET.RAIL x242
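An added example, not code from this thread or from Hotmail: the rewrite described above, s/<script>/<comment>/, implemented as a literal substitution and run over a few constructed HTML mail bodies, next to a broader "variation" that matches the tag case-insensitively and with attributes. Function names, the helper regexes and the sample messages are assumptions for illustration; the check after each rewrite is simply whether a <script open tag is still present.

```javascript
// Added example (not code from the original thread). Implements the
// substitution s/<script>/<comment>/ as quoted, plus one possible
// "variation", and checks each against constructed sample messages.
// Function names, regexes and samples are assumptions for illustration.

// Literal substitution exactly as quoted: rewrites only the bare,
// lowercase "<script>" open tag and leaves every other form untouched.
function literalFix(html) {
  return html.split('<script>').join('<comment>');
}

// A broader variation: matches <script ...> and </script> in any case,
// with any attributes, and rewrites both the open and the close tag.
function tagFix(html) {
  return html.replace(/<(\/?)script\b[^>]*>/gi, '<$1comment>');
}

// Check used after rewriting: is there still a <script open tag that a
// browser viewing the message would execute?
function containsScriptTag(html) {
  return /<script\b/i.test(html);
}

// Constructed sample bodies (not real messages from the thread).
const SAMPLES = [
  '<html><body>Hi<script>alert(1)</script></body></html>',
  '<html><body>Hi<SCRIPT>alert(1)</SCRIPT></body></html>',
  '<html><body>Hi<script language="JavaScript">alert(1)</script></body></html>',
];

// For a given fixer, report per sample whether a script tag survives.
function report(fixer) {
  return SAMPLES.map((s) => containsScriptTag(fixer(s)));
}

// Usage: compare the two rewrites side by side.
console.log('literal s/<script>/<comment>/ leaves script tag:', report(literalFix));
console.log('case-insensitive tag rewrite leaves script tag: ', report(tagFix));
console.log(tagFix(SAMPLES[2]));
```

Running it shows the literal substitution only touches the first sample, while the tag-level variation rewrites all three; which variation Hotmail actually used is not stated in the thread.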

