FYI, I collaborated on this advisory -- lots of new FormMail
vulnerabilities. :(
--j.
------- Forwarded Message
Date: Wed, 23 Jan 2002 20:19:17 -0800
From: "Ronald F. Guilmette" <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: [spamtools] Anonymous Mail Forwarding Vulnerabilities in FormMail 1.9
A Postscript version of my security advisory for FormMail 1.9 may be
viewed at:
http://www.monkeys.com/anti-spam/formmail-advisory.ps
(I would post the whole thing here, but John probably wouldn't like
that.)
SUMMARY: FormMail 1.9 is the functional equivalent of an anonymizing
open mail relay.
An entertaining working demonstration of a 100% client-side Javascript
exploit for older and already well-known FormMail 1.6 version security
flaws may be found at:
http://www.monkeys.com/formmailer/
Use this at your own risk! And read the documentation before doing so!
A revised version of FormMail 1.9 (which I am calling 1.9s) which is
believed to be free of any and all of the security flaws described in
the advisory below is now available at:
ftp://ftp.monkeys.com/pub/formmail/1.9s/
This version is only being supplied for the benefit of those few sites
that are, due to a total lack of programming talent, absolutely and
totally unable to simply remove FormMail and replace it with their own
locally-implemented replacement script. WARNING: This alternative
version of FormMail HAS NOT BEEN CODE REVIEWED AND HAS NOT EVEN BEEN
TESTED. There is NO WARRANTY, either express or implied. I have been
totally unable to even get into contact with the original FormMail
author, so you may be sure that he has not even seen this (1.9s)
version of his script.
My apologies for the length of the advisory, but there was a lot of
stuff to talk about. I hope that this will help future implementors
of ``contact us'' type CGI scripts to avoid a lot of pitfalls.
Regards,
rfg
------- End of Forwarded Message
_______________________________________________
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk
