---------------------------------------------------------------------- SNS Advisory No.69 Eudora "Reply-To-All" Buffer Overflow Vulnerability Problem first discovered on: Thu, 09 Jan 2003 Published on: Mon, 10 Nov 2003 ---------------------------------------------------------------------- Overview: --------- Eudora for Windows contains a buffer overflow vulnerability, which could allow a remote attacker to execute arbitrary code. Problem Description: -------------------- The buffer overflow occurs when Eudora receives an e-mail message with a "From" or "Reply-To" header containing an unusually long string of characters, and then attempts to "Reply To All." Tested Versions: ---------------- Eudora 5.1-J for Windows [Japanese] Eudora 5.2.0.9 for Windows [English] Eudora 5.2.1 for Windows [English] Solution: --------- Upgrade to the fixed version below: Eudora 5.1-Jr3 for Windows [Japanese] and above Eudora Version 6.0 for Windows [English] and above Discovered by: -------------- Hisayuki Shinmachi Chronology of Events: --------------------- 9 Jan 2003 : We discovered the vulnerability 21 Jan 2003 : We reported the findings to EDGE Co., Ltd. and QUALCOMM Inc. Mar 2003 : Eudora 5.1-Jr3 was released by EDGE Co., Ltd. 25 Jun 2003 : We reported the findings to CERT/CC and JPCERT/CC because we didn't get any response from QUALCOMM Inc. 4 Oct 2003 : We confirmed that the problem has been fixed in Eudora Version 6.0 for Windows[English] 10 Nov 2003 : We disclosed this vulnerability Disclaimer: ----------- The information contained in this advisory may be revised without prior notice and is provided as it is. Users shall take their own risk when taking any actions following reading this advisory. LAC Co., Ltd. shall take no responsibility for any problems, loss or damage caused by, or by the use of information provided here. This advisory can be found at the following URL: Reference: http://www.lac.co.jp/security/english/snsadv_e/69_e.html ------------------------------------------------------------------ Secure Net Service(SNS) Security Advisory <snsadv@lac.co.jp> Computer Security Laboratory, LAC http://www.lac.co.jp/security/