Email Security Testing
Results 1 to 4 of 4

Thread: Email Security Testing

  1. #1
    Senior Member
    Join Date
    Apr 2002
    Posts
    380

    Email Security Testing

    I found the following site that tests you email client security :

    http://www.gfi.com/emailsecuritytest/

    I found myself to be somewhat vulnerable to the exploit that opens the calculator (see test) IF I execute the attached document.

    I was wondering if all the exploits are really exploits or only hype to sell the product?

    I agree that this could be useful to a network administrator that has computer illiterate users but do you guys think this would be useful for someone that knows exactly what the files they are opening or saving are?

    Your opinions will be appreciated!
    [shadow]Scorp666, the Infamous Orgasmatron[/shadow]

  2. #2
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,786
    when you consider the fact that the calculator could really be any program with params i'd call that a vulnerability. i do believe that many of these are found and exploited for the purpose of selling security services and such, but that they really do exist as vulnerabilities. i dont believe they are included in the software for this purpose or fabricated.
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”

  3. #3
    Senior Member
    Join Date
    Apr 2002
    Posts
    380
    They executed the calculator to prove that the exploit can open any executable on the HD. Off course I was asked before I executed if I really wanted to execute it which to me isn't really a vulnerability since I still had control over the process.

    I am not sure I would call that a vulnerability, would you?
    [shadow]Scorp666, the Infamous Orgasmatron[/shadow]

  4. #4
    Senior Member
    Join Date
    Nov 2001
    Posts
    4,786
    ive used that code testing it in emails to co-workers, who were also curious, and nothing was asked before the program executed (cmd.exe). so yes i would.
    Bukhari:V3B48N826 “The Prophet said, ‘Isn’t the witness of a woman equal to half of that of a man?’ The women said, ‘Yes.’ He said, ‘This is because of the deficiency of a woman’s mind.’”

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •