Vigil@nce: Thunderbird, Webmail, read detection via DNS Prefetch

February 2010 by Vigil@nce

SYNTHESIS OF THE VULNERABILITY

An attacker can send an HTML email containing a link to a
customized domain name, in order to detect if the victim read the
message.

Severity: 1/4

Consequences: data reading

Provenance: document

Means of attack: 1 attack

Ability of attacker: technician (2/4)

Confidence: confirmed by the editor (5/5)

Diffusion of the vulnerable configuration: high (3/3)

Creation date: 03/02/2010

IMPACTED PRODUCTS

Mozilla Thunderbird
Unix - platform

DESCRIPTION OF THE VULNERABILITY

The "DNS Prefetching" feature is used by web browsers to resolve
domain names contained in an HTML page before the user clicks on
a link, so that the linked pages load faster.

Several webmails do not disable this feature. So, when the user
reads an email in a web browser, the browser tries to resolve the
domain names contained in the HTML page.

Moreover, Thunderbird resolves these names, even if the email is
displayed as text.

An attacker can therefore, for example, send an email containing
http://victim.attacker.dom/ to the victim. If the attacker’s DNS
server receives a query to resolve victim.attacker.dom, the
attacker can deduce that the victim read the email.

An attacker can therefore send an HTML email containing a link to
a customized domain name, in order to detect if the victim read
the message.
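
The following check is an added example, not part of the original advisory: it audits a webmail message view for the condition described above, that is, whether DNS prefetching is left enabled and which link hostnames a prefetching browser could then resolve. The function name audit_message_view and the sample page are constructed for illustration; the X-DNS-Prefetch-Control header and meta tag are the browser-supported opt-out and are not named on this page.

```python
from html.parser import HTMLParser
from urllib.parse import urlparse

# Constructed sample: message view of a hypothetical webmail that renders
# the advisory's example link inside the page.
SAMPLE_HTML = (
    "<html><head><title>Inbox</title></head><body>"
    '<p>Hello</p><a href="http://victim.attacker.dom/">news</a>'
    '<a href="mailto:someone@example.org">reply</a>'
    "</body></html>"
)


class _PageScan(HTMLParser):
    """Collects link hostnames and any x-dns-prefetch-control meta value."""

    def __init__(self):
        super().__init__()
        self.hosts = set()
        self.meta_control = None

    def handle_starttag(self, tag, attrs):
        a = {k: (v or "") for k, v in attrs}
        if tag == "a":
            # Only absolute URLs carry a hostname that can be prefetched.
            host = urlparse(a.get("href", "")).hostname
            if host:
                self.hosts.add(host.lower())
        elif tag == "meta" and a.get("http-equiv", "").lower() == "x-dns-prefetch-control":
            self.meta_control = a.get("content", "").strip().lower()


def audit_message_view(headers, html):
    """Return (prefetch_disabled, hostnames a prefetching browser may resolve).

    Simplification (assumption): an "off" value in either the HTTP response
    header or the meta tag is treated as disabling prefetch for the page.
    """
    scan = _PageScan()
    scan.feed(html)
    header = {k.lower(): v.strip().lower() for k, v in headers.items()}
    disabled = "off" in (header.get("x-dns-prefetch-control"), scan.meta_control)
    return disabled, ([] if disabled else sorted(scan.hosts))


if __name__ == "__main__":
    print(audit_message_view({}, SAMPLE_HTML))
    print(audit_message_view({"X-DNS-Prefetch-Control": "off"}, SAMPLE_HTML))
```
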

CHARACTERISTICS

Identifiers: 492196, 8836, VIGILANCE-VUL-9403

http://vigilance.fr/vulnerability/Thunderbird-Webmail-read-detection-via-DNS-Prefetch-9403

