Re: Exploiting Google MX servers as Open SMTP Relays
On Wed, 7 May 2008 pablo.ximenes@upr.edu wrote:
>
> Vulnerability Report:
>
> As part of our recent work on the trust hierarchy that exists among email providers throughout the Internet, we have uncovered a serious security flaw in Google's free email service, Gmail. This vulnerability exposes Google's email servers in a way that allows an attacker to use them as open spam and phishing relays. This issue is related to the risk of a malicious user abusing Gmail's email forwarding functionality. This is possible because Gmail's email forwarding functionality does not impose proper security restrictions during its setup process and can be easily subverted. By exploiting this problem an attacker can send unlimited spam and phishing (i.e. forged) email messages that are delivered by Google's very own SMTP servers. Since the messages are delivered by Google's own servers, an attack based on this flaw is able to bypass all spam filters that are based on the blacklist / whitelist concept. We were able to confirm that this vulnerability is indeed exploitable by crafting a proof of concept attack that allowed us to send any number of forged email messages without restriction through Google's server infrastructure. We have also verified that this flaw allows attackers to bypass spam filters by using our method to send messages that are usually flagged as spam. While sending these messages directly from our network in the traditional way had the messages classified as spam, by sending the very same messages using our exploit, the messages were delivered directly to the victim's inbox, thus bypassing filters.
>
> Impact:
>
> All email providers that offer Google's SMTP servers any special level of trust (e.g. whitelist status) are vulnerable.

A lot of spam is currently being sent that way.

	Gadi.

> Disclosure:
> We have contacted Google about this issue and are waiting for their position before releasing further details.
>
> For more information, visit our homepage:
> http://ece.uprm.edu/~andre/insert
>
>
> Regards,
>
>
> Pablo Ximenes, André dos Santos
>
> INSERT - Information Security Research Team
> University of PR at Mayaguez (UPRM), USA
> State University of Ceará (UECE), Brazil
>
> pablo.ximenes@upr.edu, andre@dossantos.org
>