[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-Disclosure] RE: outbind in MS outlook

To: "'Kristian Lyngstøl'" <nesquik@xxxxxxxxxxxxx>
Subject: [Full-Disclosure] RE: outbind in MS outlook
From: Stephen Taylor <staylo@xxxxxxxxxxxxxx>
Date: Thu, 29 Jul 2004 14:21:23 -0400

Thank you very much.  I don't get into the details but now I know a little
bit more to help me evaluate what I do see.
regards,
ST

-----Original Message-----
From: Kristian Lyngstøl [mailto:nesquik@xxxxxxxxxxxxx]
Sent: Thursday, July 29, 2004 2:03 PM
To: staylo@xxxxxxxxxxxxxx
Subject: Re: outbind in MS outlook

I am not subscribed to full-discolosure with my personal address (or
computer),
so forgive the lack of a copy of your mail :)

Anyway, what you are seeing is normal.

This is actually a bug in the html-code written by the spammer

In the lack of a <handler>:// in an URL, any browser will (or should)
assume that the link is relative to the path it is currently reading from.

So since the link code is only <a href="www.link.com">link</a>, not
<a href="http://www.link.com";>link</a>, the browser will assume this is
relative to the mailbox it is reading it in. (outbind://...)

You will see the same problem on web sites if they omit the http:// in
links.

If www.siteA.com tries to link to www.siteB.com only using
<a href="www.siteB.com">, the browser will look for
http://www.siteA.com/www.siteB.com

--
Regards
Kristian Lyngstøl
Telenor SOC

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Prev by Date: Re: [Full-Disclosure] Automated SSH login attempts?
Next by Date: [Full-Disclosure] [Fwd: DansGuardian Hex Encoding URL Banned Extension Filter Bypass Vulnerability]
Previous by thread: Re: [Full-Disclosure] Cool Web Search
Next by thread: [Full-Disclosure] [Fwd: DansGuardian Hex Encoding URL Banned Extension Filter Bypass Vulnerability]
Index(es):
- Date
- Thread