Date: Wed, 16 May 2001 11:58:00 -0400
From: yehuda <yehuda@essutton.com>
To: "bugtraq@securityfocus.com" <bugtraq@securityfocus.com>
Subject: %25c double-parse vulnerability exploitable via email
This may be obvious, but even if a server is not accessible to the
internet, you can exploit it via email. All you need is the following
information:
> 1 - An email address on their network. It must be one that someone will
> read, and the person must be using a reader that renders HTML mail.
> 2 - The hostname or IP of the win2k server.
>
> All you need to do is craft an HTML email to your mail user (see 1 above)
> with the %25c double-parse vulnerability as a URL in the mail message.
> (Use an img tag so it will run automatically and attempt to download an
> "image".)
>
> The user reads the message, and blammo!
>
If an administrator feels he doesn't need to patch his win2k server
because it's not available on the internet, think again.
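
A mail-gateway check for the delivery path this message describes, as an added example that is not part of the original post: it pulls the URLs an HTML mail reader fetches without a click (such as img src) and flags any that still contain a percent-escape after one round of decoding. The function names, the AUTOLOAD tag list, the host fileserver.example and the sample message are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from html.parser import HTMLParser
from urllib.parse import unquote, urlsplit

PCT = re.compile(r"%[0-9A-Fa-f]{2}")
# Assumed list of tag/attribute pairs a mail reader loads automatically.
AUTOLOAD = {"img": "src", "iframe": "src", "link": "href", "body": "background"}

# Constructed sample message; hosts and paths are placeholders.
SAMPLE = """\
From: sender@example.org
Subject: constructed sample
MIME-Version: 1.0
Content-Type: text/html; charset="us-ascii"

<html><body>
<img src="http://fileserver.example/images/logo%20small.gif">
<img src="http://fileserver.example/a%252fb.gif">
<a href="http://fileserver.example/c%252fd">needs a click, not auto-loaded</a>
</body></html>
"""

class _Collector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.urls = []

    def handle_starttag(self, tag, attrs):
        want = AUTOLOAD.get(tag)
        self.urls += [v for name, v in attrs if name == want and v]

def is_double_encoded(url):
    """True if one percent-decode of path and query still leaves an escape."""
    parts = urlsplit(url)
    return bool(PCT.search(unquote(parts.path + "?" + parts.query)))

def suspicious_autoload_urls(raw_message):
    """Return auto-loaded URLs in text/html parts that are double-encoded."""
    hits = []
    for part in message_from_string(raw_message).walk():
        if part.get_content_type() != "text/html":
            continue
        html = part.get_payload(decode=True).decode(part.get_content_charset() or "utf-8", "replace")
        collector = _Collector()
        collector.feed(html)
        hits += [u for u in collector.urls if is_double_encoded(u)]
    return hits

if __name__ == "__main__":
    print(suspicious_autoload_urls(SAMPLE))
```

A hit is a reason to quarantine or strip the tag; it does not replace patching the server.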