I just checked, the project admins still haven't fixed the qemu.org DNS
as per best practice (see my previous mail).
On 2020-11-03 01:09, Atik Islam wrote:
Hi There
any update ?
Thanks
On Fri, Mar 20, 2020 at 2:40 AM Atik Islam <atiki8...@gmail.com
<mailto:atiki8...@gmail.com>> wrote:
Hi,
Severity : High.
Introduction:
There is a email spoofing vulnerability.Email spoofing is the
forgery of an email header so that the message appears to have
originated from someone or somewhere other than the actual source.
Email spoofing is a tactic used in phishing and spam campaigns
because people are more likely to open an email when they think it
has been sent by a legitimate source. The goal of email spoofing
is to get recipients to open, and possibly even respond to, a
solicitation.
Steps to Reproduce:
1.goto http://www.kitterman.com/spf/validate.html
<http://www.kitterman.com/spf/validate.html>
2.Enter domain name: www.qemu.org <http://www.qemu.org> and click
spf record if any under "Does my domain already have an SPF
record? What is it? Is it valid?"
3.You will see that no valid spf protection.
4.So that why i try to send email using qemu-discuss@nongnu.org
<mailto:qemu-discuss@nongnu.org> and i was successfully delivered
the messege to my email address.
In addition to above checking,
I used https://emkei.cz/ <https://emkei.cz/> and send a test mail
using www.qemu.orgdomain which was delivered successfully.This
further confirms that the emails spoofed.
Impact
An attacker would send a Fake email. The results can be more
dangerous.
Enjoy
Jakob
--
Jakob Bohm, CIO, Partner, WiseMo A/S. https://www.wisemo.com
Transformervej 29, 2860 Søborg, Denmark. Direct +45 31 13 16 10
This public discussion message is non-binding and may contain errors.
WiseMo - Remote Service Management for PCs, Phones and Embedded