Eudora 4.2/4.3 Warning Message Circumvention Vulnerability
BID:1157
Info
| Bugtraq ID: | 1157 |
| Class: | Design Error |
| CVE: | |
| Remote: | Yes |
| Local: | Yes |
| Published: | Apr 28 2000 12:00AM |
| Updated: | Apr 28 2000 12:00AM |
| Credit: | Discovered by Bennett Haselton <[email protected]> and publicized on April 27, 2000. |
| Vulnerable: | Qualcomm Eudora 4.3, Qualcomm Eudora 4.2 |
| Not Vulnerable: | |
Discussion
A malicious email sender can circumvent the warning message that Eudora 4.2/4.3 normally displays when a user attempts to open an executable attachment. Eudora prompts only for .exe, .com, and .bat files; it shows no warning when the user opens a file with any other extension.
Exploit / POC
Inserting the tag
<a href="file:///c:/eudora/attach/file.lnk">http://www.example.com</a>
in an email message will display as:
http://www.example.com
in a Eudora email client.
Therefore, when a user clicks on this link, it will automatically open up the executable file without warning.
Bennett Haselton <[email protected]> has set up the following demonstration page:
http://www.peacefire.org/security/stealthattach/
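As an added example (not part of the original advisory and not Eudora's code), a mail-filter style check in Python for the pattern described above: it flags anchors in an HTML message body whose href uses the file: scheme, and records whether the target's extension is one of the three the advisory says trigger the warning and whether the visible text poses as a web URL. The function name, result fields and sample body are assumptions constructed for illustration.

```python
import posixpath
import re
from html.parser import HTMLParser

# The three extensions the advisory says Eudora 4.2/4.3 warns about.
WARNED_EXTENSIONS = {".exe", ".com", ".bat"}
# Visible link text that poses as a web address.
URL_LIKE_TEXT = re.compile(r"^\s*(https?|ftp)\s*://", re.IGNORECASE)


class AnchorCollector(HTMLParser):
    """Collect (href, visible text) for every <a> element."""

    def __init__(self):
        super().__init__()
        self.anchors, self._href, self._text = [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []

    def handle_data(self, data):
        if self._href is not None:
            self._text.append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.anchors.append((self._href, "".join(self._text).strip()))
            self._href = None


def audit_html_body(html):
    """Return one finding per anchor that points at a local file."""
    collector = AnchorCollector()
    collector.feed(html)
    findings = []
    for href, text in collector.anchors:
        target = href.strip().lower()
        if not target.startswith("file:"):
            continue
        path = re.split(r"[?#]", target, maxsplit=1)[0]
        ext = posixpath.splitext(path)[1]
        findings.append({"href": href, "text": text, "extension": ext,
                         "eudora_would_warn": ext in WARNED_EXTENSIONS,
                         "text_mimics_url": bool(URL_LIKE_TEXT.match(text))})
    return findings


# Constructed sample body: the advisory's link plus an ordinary web link.
SAMPLE = ('<a href="file:///c:/eudora/attach/file.lnk">http://www.example.com</a>'
          ' <a href="http://www.example.com/">site</a>')
```

For the constructed sample, the only finding is the .lnk anchor, reported with `eudora_would_warn` false and `text_mimics_url` true, which is the combination the advisory describes.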
Solution / Fix
Solution:
Currently the SecurityFocus staff are not aware of any vendor supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
References
References:
- "Stealth Attachment" demo page (Bennett Haselton)
- Qualcomm warns of Eudora security hole (CNet)