'Contact us' attack takes out mail servers
The "contact us" feature on many websites is often insecure and makes it easy to launch denial of service attacks on corporate mail servers, according to UK-based security consultancy SecureTest.
The "contact us" feature is usually a form that allows surfers to submit comments to the people running a website. According to SecureTest, these forms can be used to launch denial of service attacks through endemic security weaknesses that have largely been overlooked.
At The Register.
[ Read more ]