Re: WASC-Announcement: MX Injection - Capturing and Exploiting Hidden Mail Servers By Vicente Aguilera Diaz

Hi Marcelo,

Part of this technique is not new and has been part of N-Stalker Web
Application Security Scanner for a long time (SMTP Injection).

There are also papers that would go further on exploiting specific
frameworks such as CDONTS.

For more information, see N-Stalker Free Edition tool at
www.nstalker.com/free-edition

Best regards,
--
Thiago Zaninotti,Security+,CISSP-ISSAP,CISM
Info Security Professional



On 12/13/06, Marcelo Leão Caffaro <marcelocaffaro@gmail.com> wrote:
> I've talked with Felipe from Syhunt this morning and he said that Sandcat
> scanner has been updated to scan for this new vulnerability class. Does
> anybody have information of other web application security scanners that
> already scans for MX Injection vulnerabilities? WebInspect? Acunetix?
> Thanks
> Marcelo Caffaro
>
> -----Mensagem original-----
> De: listbounce@securityfocus.com [mailto:listbounce@securityfocus.com] Em
> nome de robert@webappsec.org
> Enviada em: segunda-feira, 11 de dezembro de 2006 13:55
> Para: pen-test@securityfocus.com
> Assunto: WASC-Announcement: MX Injection - Capturing and Exploiting Hidden
> Mail Servers By Vicente Aguilera Diaz
>
> The Web Application Security Consortium is proud to present 'MX Injection:
> Capturing and Exploiting
> Hidden Mail Servers' written by Vicente Aguilera Diaz of Internet Security
> Auditors. In this article
> Vicente discusses how an attacker can inject additional commands into an
> online web mail application
> communicating with an IMAP/SMTP server.
>
>
> This document can be found at http://www.webappsec.org/projects/articles/ .
>
> Regards,
>
> - Robert Auger
>
> articles_at_webappsec.org
> http://www.webappsec.org
>
> ----------------------------------------------------------------------------
> --------
> Are you interested in writing a 'Guest Article' for the WASC? Additional
> information
> on article guidelines may be found at http://www.webappsec.org/articles/.
> Inquires
> can be sent to articles_at_webappsec.org
>
> "Contributed articles may include industry best practices, technical
> information about
> current issues, innovative defense techniques, etc. NO VENDOR PITCHES OR
> MARKETING
> GIMMICKS PLEASE. We are only soliciting concrete information from the
> experts on the
> front lines of the web application security field."
> <a href="http://www.webappsec.org";>http://www.webappsec.org</a>
> ----------------------------------------------------------------------------
> --------
>
>
> ------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Need to secure your web apps?
> Cenzic Hailstorm finds vulnerabilities fast.
> Click the link to buy it, try it or download Hailstorm for FREE.
> http://www.cenzic.com/products_services/download_hailstorm.php?camp=70160000
> 0008bOW
> ------------------------------------------------------------------------
>
>
> ------------------------------------------------------------------------
> This List Sponsored by: Cenzic
>
> Need to secure your web apps?
> Cenzic Hailstorm finds vulnerabilities fast.
> Click the link to buy it, try it or download Hailstorm for FREE.
> http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
> ------------------------------------------------------------------------

------------------------------------------------------------------------
This List Sponsored by: Cenzic

Need to secure your web apps?
Cenzic Hailstorm finds vulnerabilities fast.
Click the link to buy it, try it or download Hailstorm for FREE.
http://www.cenzic.com/products_services/download_hailstorm.php?camp=701600000008bOW
------------------------------------------------------------------------