11:24 Security holes in Webbased interface mail ru | |
You,% username%, certainly trust his private e-mail Google. But for those of us who are sitting on mail.ru (as, alas, I), this message can coerce the relocation. Last year I ran into problems with security meyl.ru - there, in a letter sent sly reference to the implementation of java script redirects to the attackers through the spell-checking service on the servers mail.ru. Since not checked - if the hole was closed, but in a support configured. Yesterday came across another sample in a secured web interface. Now the staff meyl.ru actively improves the usability of the honor and praise, but it crawls very bad imperfections. I had a regular spam that's these guys: h.visaconcord.ru / - the usual colorful email commercials either tour, or something else. Viruses, Trojans do not like at this address. Spammers something too clever by half, and included some active code in script writing, which is an interface implemented mail-ru, and eventually all links on the page meyl.ru changed the links on this site, with links have the form h .visaconcord.ru / msglist? 204003361 & f = 2 - ie changed only domain. This letter is very quickly disappeared from the box, I maintain it was too late. What is also not clear - dvizhek Mail.ru allows himself to delete messages from the mailbox after the user saw it and got it. In connection with this issue, habrovchane - what hardware and software needed to on your own server set up legitimate mail and tries to send a leaky public interfaces? Preferably with a web interface (better than whites or roundkuba) with anti-spam. What a piece of iron is needed, will work quickly on a home channel? (30 megabits). I hope this post and warned spodvignu to increase personal safety. UPD. In the comments indicated the versions: In the HTML head section of a letter to the hanging tag base href = «h.visaconcord.ru», which is valid for all links without a domain (ie, a href = "/ some / path.html") fastens to the the beginning of this same domain, which is registered in the base href = "". No Javascript, and as a result of a peculiar XSS vulnerability:) | |
|
Total comments: 0 | |