Re: [SNS Advisory No.55 rev.2] Eudora 5.x for Windows Buffer Overflow Vulnerability

From: John Pettitt (jppat_private)
Date: Thu Aug 08 2002 - 18:43:45 PDT


    At 06:15 PM 8/7/2002, Atsushi Nishimura wrote:
    >----------------------------------------------------------------------
    >SNS Advisory No.55
    >Eudora 5.x for Windows Buffer Overflow Vulnerability rev.2
    >
    >Problem first discovered: 6 Jun 2002
    >Published: 5 Aug 2002
    >Last revised: 8 Aug 2002
    >----------------------------------------------------------------------
    >
    >Overview:
    >---------
    >   Eudora 5.x for Windows contains a buffer overflow vulnerability,
    >   which could allow a remote attacker to execute arbitrary code.
    >
    >Problem Description:
    >--------------------
    >   Eudora developed and distributed by QUALCOMM Inc.
    >   (http://www.qualcomm.com/), is a Mail User Agent running on Windows
    >   95/98/2000/ME/NT 4.0 and MacOS 8.1 or later.
    >
    >   The buffer overflow occurs when Eudora receives a message using 139 bytes
    >   or more of string as a boundary, which is used to divide a multi-part
    >   message into separate parts. In our verification environment, we have
    >   found that this could allow arbitrary commands to be executed.
    >
    
    For postfix users, adding the following to header_checks should guard 
    against this problem:
    
    /boundary=.{138,}$/                    REJECT MIME boundary too long
    
    Note that only the most recent versions of postfix understand MIME, so in 
    older versions (pre 20020525) nested MIME won't be blocked by this.
    
    John
    
    
    
    John Pettitt                                     Email: jppat_private
    
    "Do what you feel in your heart to be right for you'll be criticized anyway."
    - Eleanor Roosevelt
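
An added example, not part of the original message or of Postfix: a Python model of the header_checks pattern above, next to a MIME-aware walk that also inspects nested parts, which is the gap the reply describes for older versions. The function names and the sample message are constructed for illustration, and treating a non-MIME-aware filter as one that sees only the top-level headers is an assumption.

```python
import email
import re

# Pattern from the reply above; Postfix lookup tables match case-insensitively by default.
PAGE_RULE = re.compile(r"boundary=.{138,}$", re.IGNORECASE)
UNFOLD = re.compile(r"\r?\n[ \t]+")   # join folded header continuation lines
LIMIT = 139                           # boundary length the advisory reports as the trigger

def rule_hits(header_line):
    """True if the reply's pattern matches this (unfolded) header line."""
    return bool(PAGE_RULE.search(header_line))

def top_level_hits(raw):
    """Assumed model of a non-MIME-aware filter: only the message's own headers."""
    msg = email.message_from_string(raw)
    return [k for k, v in msg.items() if rule_hits(k + ": " + UNFOLD.sub(" ", v))]

def long_boundaries(raw, limit=LIMIT):
    """MIME-aware check: boundary lengths >= limit in any part, nested ones included."""
    found = []
    for part in email.message_from_string(raw).walk():
        boundary = part.get_boundary()
        if boundary is not None and len(boundary) >= limit:
            found.append(len(boundary))
    return found

def sample(inner_len):
    """Constructed message: short outer boundary, long boundary on a nested part."""
    inner = "B" * inner_len
    return "\n".join([
        "From: sender@example.test",
        "Subject: constructed sample",
        "MIME-Version: 1.0",
        'Content-Type: multipart/mixed; boundary="outer"',
        "",
        "--outer",
        'Content-Type: multipart/alternative; boundary="%s"' % inner,
        "",
        "--" + inner,
        "Content-Type: text/plain",
        "",
        "hello",
        "--" + inner + "--",
        "--outer--",
        "",
    ])

if __name__ == "__main__":
    raw = sample(139)
    print("top-level header hits:", top_level_hits(raw))
    print("long boundaries in any part:", long_boundaries(raw))
```

The pattern counts every character after `boundary=` up to the end of the header, quotes and any trailing parameters included, so it is slightly stricter than the 139-byte figure in the advisory.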
    



    This archive was generated by hypermail 2b30 : Fri Aug 09 2002 - 12:39:56 PDT