[Owasp-alabama] [Bham_InfraGard] Email Research posted today

owasp-alabama at lists.owasp.org owasp-alabama at lists.owasp.org
Mon Nov 2 11:07:48 EST 2009


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


On Oct 26, 2009, at 10:02 PM, Hal Flynn wrote:

> On Mon, Oct 26, 2009 at 12:21 PM,  <David.R.Wharton at regions.com>  
> wrote:
>> The solution is there, it is just that not everyone implements it  
>> and like you said, both parties have to support it.
>
>
>
> Any band-aid will come off with a good enough scrape.  Congratulations
> on finding yet another clever scrape, Joshua.


Hal,
Not to beat a dead horse but..

I guess I still don't see these as new vulnerabilities and more less  
metaphor for 'spam exists'.
I think the problems Josh is describing exist, I just don't see them  
as anything new in regards to how smtp works or how SPAM is managed.

If this is a new vulnerability (this is me saying I am open to being  
wrong on my opinion/perspective)

	Is there a CVE # assigned to these vulnerabilities?
	Is there a CVSS rating for these vulnerabilities?
	Has anything been reported into the OSVDB or other vulnerability  
tracking databases?

If this is a new  vulnerability , I think its important that it is  
classified as such.

| Daniel Uriah Clemens
| Packetninjas L.L.C | | http://www.packetninjas.net
| c. 205.567.6850      | | o. 866.267.8851
"Moments of sorrow are moments of sobriety"











-----BEGIN PGP SIGNATURE-----

iD8DBQFK7wPUlZy1vkUrR4MRAgZmAJ0er92XcpfvW+A237GbTURPC9PSWACdHnar
IFf5zC7P3dKyWAcrkb7NdX0=
=lvhB
-----END PGP SIGNATURE-----


More information about the Owasp-alabama mailing list