Welcome to Jason's Site!

 BigString.com Vulnerability.

PHP-NukeSo I read about a service called BigString.com where users can send emails that can be recalled / edited / expired / non-forwarable, w/o any cooperation of the recipients mail user agent (MUA).

It turns out that their system is based on sending people a HTML email that contains a IMG link to a picture of the email. The MUA loads this picture from the BigString.com server. Since the image is on their server they control whether or not it is available. Of course, their claims of recallable / expirable email falls flat as soon as the user does a "Save-As" of the picture.




 
     Related Links
· More about PHP-Nuke
· News by jhmartin
Most read story about PHP-Nuke:
BF1942 Server Monitoring with Nagios


     Article Rating
Average Score: 1
Votes: 1


Please take a second and vote for this article:

Excellent
Very Good
Good
Regular
Bad



     Options

 Printer Friendly Page  Printer Friendly Page

 Send to a Friend  Send to a Friend


  
The comments are owned by the poster. We aren't responsible for their content.




Web site engine's code is Copyright © 2003 by PHP-Nuke. All Rights Reserved. PHP-Nuke is Free Software released under the GNU/GPL license.
Page Generation: 0.047 Seconds