Eudora 5.2.1 attachment spoof

From: Paul Szabo (psz_at_MATHS.USYD.EDU.AU)
Date: 05/22/03

    Date:         Thu, 22 May 2003 14:54:13 +1000
    To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
    
    

    Qualcomm Eudora 5.2.1 has been released recently. Quoting from
    http://www.eudora.com/download/eudora/windows/5.2.1/RelNotes.txt :

    > Improved guarding against spoofed Attachment Converted: lines.

    Attachments can still be spoofed by including a CR (ctrl-M, x0d, ASCII 13)
    character anywhere within the "Attachment Converted:" string [these get
    converted internally into a NUL (x00) and ignored], e.g.:

    Attachments can still be spoofed by including a CR=x0d character anywhere
    within the "Attachment Converted:" string (these get converted internally
    into a NUL=x00 and ignored), e.g.:

    Attachment<CR> Converted: "c:\winnt\system32\calc.exe" NoAttachIcon
    Attachment Converted: "c:\winnt\system32\calc.exe" NoAttachIcon

    (First line with four-character <CR> marker for the sake of Eudora users.)

    For history, please see also:
      http://www.securityfocus.com/archive/1/299730
      http://www.securityfocus.com/archive/1/286634

    Cheers,

    Paul Szabo - psz@maths.usyd.edu.au http://www.maths.usyd.edu.au:8000/u/psz/
    School of Mathematics and Statistics University of Sydney 2006 Australia
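
A mail-filter check for the bypass described in this advisory, as an added example that is not part of the original post and not Eudora's code: it flags body lines that turn into an "Attachment Converted:" line once CR and NUL bytes are dropped. The function name, the start-of-line anchor and the inclusion of a literal NUL in the ignored set are assumptions; the sample message is constructed from the example line in the post.

```python
import re

MARKER = b"Attachment Converted:"
# Bytes treated as invisible to the client. The advisory says CR (0x0d) is turned
# into NUL (0x00) and ignored; also dropping a literal NUL is an assumption.
IGNORED = b"\r\x00"
TARGET = re.compile(rb'"([^"]*)"')

# Constructed sample body: line 2 hides a bare CR inside the marker,
# line 3 is the plain form that 5.2.1 is said to guard against.
SAMPLE = (
    b"Hello,\r\n"
    b'Attachment\r Converted: "c:\\winnt\\system32\\calc.exe" NoAttachIcon\r\n'
    b'Attachment Converted: "c:\\winnt\\system32\\calc.exe" NoAttachIcon\r\n'
    b"Bye\r\n"
)


def scan_body(body):
    """Return (line_number, kind, target) for every line of an incoming message
    body that reads as an "Attachment Converted:" line after CR/NUL removal.

    Assumption: the marker must sit at the start of a line, so prose that merely
    mentions the phrase is not flagged.
    """
    findings = []
    # Split on LF or CRLF only, so a bare CR stays inside the line it hides in.
    for lineno, raw in enumerate(re.split(rb"\r?\n", body), start=1):
        collapsed = raw.translate(None, IGNORED)
        if not collapsed.startswith(MARKER):
            continue
        # If the raw bytes already start with the marker it is the plain spoof;
        # otherwise the marker only appears after the ignored bytes are removed.
        kind = "plain" if raw.startswith(MARKER) else "cr-obfuscated"
        match = TARGET.search(collapsed, len(MARKER))
        target = match.group(1).decode("latin-1") if match else None
        findings.append((lineno, kind, target))
    return findings


if __name__ == "__main__":
    for lineno, kind, target in scan_body(SAMPLE):
        print(f"line {lineno}: {kind} spoof candidate -> {target}")
```

Either finding in the body of an incoming message is worth quarantining, since genuine "Attachment Converted:" lines are written by the client itself and not by the sender.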
