On Mon, 2008-08-18 at 17:20 +0200, Gregory Colpart wrote:
> On Mon, Aug 18, 2008 at 11:38:00AM -0400, Michael Fernández M wrote:
> >
> > > Are you sure spammers don't use a stolen login/password?
> >
> > Ohhh, yea!, so much.
>
> I'm sorry to insist but are you *really* sure? Because here[*]
> th
On Mon, 2008-08-18 at 17:20 +0200, Gregory Colpart wrote:
> On Mon, Aug 18, 2008 at 11:38:00AM -0400, Michael Fernández M wrote:
> >
> > > Are you sure spammers don't use a stolen login/password?
> >
> > Ohhh, yea!, so much.
>
> I'm sorry to insist but are you *really* sure? Because here[*]
> th
On Mon, Aug 18, 2008 at 11:38:00AM -0400, Michael Fernández M wrote:
>
> > Are you sure spammers don't use a stolen login/password?
>
> Ohhh, yea!, so much.
I'm sorry to insist but are you *really* sure? Because here[*]
there was a similar question and upstream author said it's from a
regular us
On Mon, 2008-08-18 at 16:36 +0200, Gregory Colpart wrote:
> Hello,
>
> On Mon, Aug 18, 2008 at 10:39:59AM -0400, Michael wrote:
> >
> > Imp4 allows spammer to inject email throught it with out login.
> >
> > this is an example:
> > 80.30.19.50 - - [11/Aug/2008:19:26:31 -0400] "GET /imp/expand.ph
Hello,
On Mon, Aug 18, 2008 at 10:39:59AM -0400, Michael wrote:
>
> Imp4 allows spammer to inject email throught it with out login.
>
> this is an example:
> 80.30.19.50 - - [11/Aug/2008:19:26:31 -0400] "GET /imp/expand.php
> HTTP/1.1" 200 243
> "http://mail.domain.tld/imp/compose.php?thismailb
Package: imp4
Version: 4.1.3-4
Severity: grave
Tags: security
Justification: user security hole
Imp4 allows spammer to inject email throught it with out login.
this is an example:
80.30.19.50 - - [11/Aug/2008:19:26:31 -0400] "GET /imp/expand.php
HTTP/1.1" 200 243
"http://mail.domain.tld/imp/comp
6 matches
Mail list logo
