[Full-Disclosure] Re: REFRESH: EUDORA MAIL 5.1.1

From: Doug Monroe (full-disclosure@lists.netsys.com)
Date: 07/25/02

Next message: Nick FitzGerald: "[Full-Disclosure] Spam relaying via IIS"
Previous message: Ulf Harnhammar: "[Full-Disclosure] ezContents multiple vulnerabilities"
In reply to: http-equiv@excite.com: "[Full-Disclosure] REFRESH: EUDORA MAIL 5.1.1"
Next in thread: http-equiv@excite.com: "[Full-Disclosure] UPDATE: Re: REFRESH: EUDORA MAIL 5.1.1"
Reply: http-equiv@excite.com: "[Full-Disclosure] UPDATE: Re: REFRESH: EUDORA MAIL 5.1.1"
Reply: http-equiv@excite.com: "[Full-Disclosure] UPDATE: Re: REFRESH: EUDORA MAIL 5.1.1"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: full-disclosure@lists.netsys.com (Doug Monroe)
Date: Thu, 25 Jul 2002 09:59:59 -0400

"http-equiv@excite.com" wrote:
>
> Tuesday, July 23, 2002
> Trivial silent delivery and installation of an executable on a target
> computer. This can be accomplished with the default installation of
> the mail client Eudora 5.1.1:
> 'allow executables in HTML content' DISABLED
> 'use Microsoft viewer' ENABLED
[snip]
> Working Example:
[snip]
> http://www.malware.com/boodora.txt
>
> Notes: disable 'use Microsoft viewer'

A Eudora expert I am not, but I suppose one could also change
HKCU/software/qualcomm/eudora/launchmanager/path#2
from
"c:\windows\application data\qualcomm\eudora\embedded"
or
"c:\program files\qualcomm\eudora pro\embedded"
to some other, non-default folder name.
New folder must exist before running eudora again.

And... add mhtml to "WarnExtentions#X" key values?

Next message: Nick FitzGerald: "[Full-Disclosure] Spam relaying via IIS"
Previous message: Ulf Harnhammar: "[Full-Disclosure] ezContents multiple vulnerabilities"
In reply to: http-equiv@excite.com: "[Full-Disclosure] REFRESH: EUDORA MAIL 5.1.1"
Next in thread: http-equiv@excite.com: "[Full-Disclosure] UPDATE: Re: REFRESH: EUDORA MAIL 5.1.1"
Reply: http-equiv@excite.com: "[Full-Disclosure] UPDATE: Re: REFRESH: EUDORA MAIL 5.1.1"
Reply: http-equiv@excite.com: "[Full-Disclosure] UPDATE: Re: REFRESH: EUDORA MAIL 5.1.1"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: REFRESH: EUDORA MAIL 5.1.1
... > Trivial silent delivery and installation of an executable on a target ... > 'allow executables in HTML content' DISABLED ... A Eudora expert I am not, but I suppose one could also change ... New folder must exist before running eudora again. ...
(Vuln-Dev)
Re: REFRESH: EUDORA MAIL 5.1.1
... > Trivial silent delivery and installation of an executable on a target ... > 'allow executables in HTML content' DISABLED ... A Eudora expert I am not, but I suppose one could also change ... New folder must exist before running eudora again. ...
(Bugtraq)
Re: REFRESH: EUDORA MAIL 5.1.1
... > Trivial silent delivery and installation of an executable on a target ... > 'allow executables in HTML content' DISABLED ... A Eudora expert I am not, but I suppose one could also change ... New folder must exist before running eudora again. ...
(NT-Bugtraq)
REFRESH: EUDORA MAIL 5.1.1
... 'allow executables in HTML content' DISABLED ... settings of Eudora, that is being fully functional with 'allow ... All through the meta refresh tag: ... So all we have to do is embedded in our mail message two ...
(NT-Bugtraq)
REFRESH: EUDORA MAIL 5.1.1
... 'allow executables in HTML content' DISABLED ... settings of Eudora, that is being fully functional with 'allow ... All through the meta refresh tag: ... So all we have to do is embedded in our mail message two ...
(Vuln-Dev)