Security spam from Amazon

Return-path:
Envelope-to: dave@doctor.nl2k.ab.ca
Delivery-date: Mon, 27 Jun 2022 06:43:01 -0600
Received: from doctor by doctor.nl2k.ab.ca with local (Exim 4.95 (FreeBSD))
    (envelope-from )
    id 1o5o4N-000ABr-0f
    for dave@doctor.nl2k.ab.ca;
    Mon, 27 Jun 2022 06:42:23 -0600
Resent-From: The Doctor
Resent-Date: Mon, 27 Jun 2022 06:42:22 -0600
Resent-Message-ID:
Resent-To: Dave Yadallee
Received: from a8-97.smtp-out.amazonses.com ([54.240.8.97]:51827)
    by doctor.nl2k.ab.ca with esmtps (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256
    (Exim 4.95 (FreeBSD))
    (envelope-from <01000181a504c74d-88bdf770-e679-48f6-b08a-9020da8e1786-000000@amazonses.com>)
    id 1o5nLw-000CGs-Pi
    for root@nk.ca;
    Mon, 27 Jun 2022 05:56:33 -0600
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/simple;
    s=6gbrjpgwjskckoa6a5zn6fwqkn67xbtw; d=amazonses.com; t=1656330962;
    h=Subject:From:To:Reply-To:List-Unsubscribe:List-Unsubscribe-Post:List-Id:Feedback-ID:Message-ID:MIME-Version:Date:Content-Type;
    bh=sJMaHM0gOhug46EjZsCveztYT9jxYpwc/9e9nMnkX4g=;
    b=TLv83h3t+66wZmrZTDdV/Fg/YR89m3YZ2GSDeet41duJ55UWMF4C3pBsFWXLjBiR
    Es3Nj3TTgQ5lOWCnzvCpAoFt66vXMabZfAQLCVGk4ENlUfR0l4nlQnG1FtfgVOKYbM8
    YdHUWCvbuol3bmD77zLdnKO1+jy/b2i8J5hVbQOA=
Subject: Vulnerability - Failure to invalidate session on forget password
    link
From: Claire Samuel
To: "root@nk.ca"
Reply-To: Claire Samuel
List-Unsubscribe: ,
    Subscriber-Uid:hv0557rmh80d6 - Unsubscribe request&body=Please unsubscribe
    me!>
List-Unsubscribe-Post: List-Unsubscribe=One-Click
List-Id: af726vv397a14
X-Report-Abuse: https://email.offensiveguards.io/latest/campaigns/mx001lfzwh6e2/report-abuse/af726vv397a14/hv0557rmh80d6
X-EBS: https://email.offensiveguards.io/latest/lists/block-address
Feedback-ID: 1.us-east-1.jUPIvFwI5WueMv7UjkxdV4UxLo/q5d3gibQe3k7gqaU=:AmazonSES
Message-ID: <01000181a504c74d-88bdf770-e679-48f6-b08a-9020da8e1786-000000@email.amazonses.com>
MIME-Version: 1.0
Date: Mon, 27 Jun 2022 11:56:02 +0000
Content-Type: multipart/alternative; boundary=2nIPpntA
X-SES-Outgoing: 2022.06.27-54.240.8.97



--2nIPpntA

Content-Type: text/plain; charset=utf-8

Content-Transfer-Encoding: quoted-printable



Hello root,

Hope you are fine. As an=C2=A0independent security researcher=

I have found

some bugs/vulnerabilities in your website.

Vulnerability:=

Failure to invalidate session on forget password

I have observed that wh=

en we=C2=A0request=C2=A0a forgot password link it

updates the session ins=

tead of=C2=A0expiration. If an account=C2=A0is

logged=C2=A0in some accoun=

t and the password reset link=C2=A0is used=C2=A0the

other account will ge=

t updated but not expired.

Steps to reproduce:

1. Request a forgot pass=

word link.

2. Now login in another browser and then use the password rese=

t link

in another browser.

3. You will notice that the password=C2=

=A0will be changed=C2=A0successfully

and the other browser will still be =

active with the account you opened

in it.

Impact:

If some account=

=C2=A0is logged=C2=A0in in=C2=A0some browser it=C2=A0will not

be=C2=A0log=

ged out from that browser and=C2=A0will be logged=C2=A0in and=C2=A0can

be=

=C2=A0used for malicious activities.

Recommendations:

It should expire =

immediately when the password=C2=A0is changed.

Regards.

--2nIPpntA

Content-Type: text/html; charset=utf-8

Content-Transfer-Encoding: quoted-printable









=09 Vulnerability - Failure to invalidate session on forget password=<br /><br /> link



Hello root,


Hope you are fine. As an=C2=A0independent security researcher I have found =

some bugs/vulnerabilities in your website.





Vulnerability: Failure to invalidate session on forget password





I have observed that when we=C2=A0request=C2=A0a forgot password link it up=

dates the session instead of=C2=A0expiration. If an account=C2=A0is logged=

=C2=A0in some account and the password reset link=C2=A0is used=C2=A0the oth=

er account will get updated but not expired.





Steps to reproduce:





1. Request a forgot password link.


2. Now login in another browser and then use the password reset link in ano=

ther browser.


3. You will notice that the password=C2=A0will be changed=C2=A0successfully=

and the other browser will still be active with the account you opened in =

it.





Impact:





If some account=C2=A0is logged=C2=A0in in=C2=A0some browser it=C2=A0will no=

t be=C2=A0logged out from that browser and=C2=A0will be logged=C2=A0in and=

=C2=A0can be=C2=A0used for malicious activities.





Recommendations:





It should expire immediately when the password=C2=A0is changed.





Regards.

1070 S Elmhu=

rst Rd


Mt Prospect Delaware 60056


United States


, =

https://email.offensiveguards.io/latest/lists/af726vv397a14/unsubscribe/hv0=

557rmh80d6/mx001lfzwh6e2" />



--2nIPpntA--
