Re: Eudora exploit (was Microsoft Security Bulletin (MS98-008))

From: Alan Thew (Alan.Thewat_private)
Date: Thu Jul 30 1998 - 03:48:43 PDT

Next message: Brett Glass: "Re: Object tag crashes Internet Explorer 4.0"

Previous message: J Edgar Hoover: "Re: Microsoft says email patch flawed"
Maybe in reply to: Troy Ablan: "Eudora exploit (was Microsoft Security Bulletin (MS98-008))"
Next in thread: Alan Brown: "Re: Eudora exploit (was Microsoft Security Bulletin (MS98-008))"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Certainly Eudora 1.5.4 generates divide by zero problems with bad dates,
these can all be fixed by deleting the *.toc files and manually editing
the mbx/spool files (no corruption seen here) and generating correct
date fields.

--
Alan Thew                                       alan.thewat_private
Computing Services,University of Liverpool      Fax: +44 151 794-4442

On Wed, 29 Jul 1998, Chris Owen wrote:

>On Wed, 29 Jul 1998, Troy Ablan wrote:
>
>> At least some versions of Eudora Light prior to 3.0.5 return a Divide by
>> Zero error and immediately close when trying to pop a message that has a
>> ctime of 0 (Read as Dec 31 1969 19:00 EST (-0500)).  This apparently
>> corrupts the .mbx file, and both the message on the pop server and the
>> .mbx file must be manually removed (or hacked) in order to proceed.  I
>> can't reproduce this problem with version 3.0.5, and I don't have
>> available an older copy to re-try this.
>>
>> I discovered this anomoly doing ISP tech support for a customer.
>>
>> Can anyone confirm or deny this?
>
>I know that with version up to at least 3.0.3, setting the clock forward
>100 years will cause Eudora to cause a segmentation fault when sending
>mail.  Spent hours on this one ;-]
>
>Chris
>
>> -----Original Message-----
>> From: Brett Glass <brettat_private>
>>
>>
>> >InfoWorld, at
>> http://www.infoworld.com/cgi-bin/displayStory.pl?980728.ehbugs.htm,
>> >claims that the MIME filename overflow exploit affects Eudora. Is this
>> correct?
>> >This is the first I've heard of that mailer being vulnerable.
>>
>>
>> -----------------------------------
>> Troy Ablan
>> shore.net technical support
>> (781) 593-3110 x136
>> -----------------------------------
>>
>
>--
>~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>Chris Owen             ~  Lottery: A stupidity tax
>PO Box 1985            ~  owencat_private
>Garden City, KS 67846  ~  http://www.gardencity.net/~owenc/
>Voice: (316) 275-1900  ~  ftp://ftp.gardencity.net/pub/owenc/
>Fax:   (316) 275-0313  ~  88 FA CF C6 65 23 63 C1  6E 80 AE 0B 51 C0 22 36
>~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
>

Next message: Brett Glass: "Re: Object tag crashes Internet Explorer 4.0"
Previous message: J Edgar Hoover: "Re: Microsoft says email patch flawed"
Maybe in reply to: Troy Ablan: "Eudora exploit (was Microsoft Security Bulletin (MS98-008))"
Next in thread: Alan Brown: "Re: Eudora exploit (was Microsoft Security Bulletin (MS98-008))"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:10:55 PDT