ISS X-Force Database: eudora-attachment-spoofing-bypass(9793): Eudora attachment spoofing bypass warning messages

Eudora attachment spoofing bypass warning messages

eudora-attachment-spoofing-bypass (9793)

Medium Risk

Description:

Eudora could allow a remote attacker to use a specially-crafted or malformed attachment name or attachment directory path name to spoof a file extension. A remote attacker could use this vulnerability to cause attachment warning messages to be bypassed when a user opens an attachment with a spoofed file extension, which could lead to the execution of malicious programs on the victim's computer.

Consequences:

Bypass Security

Remedy:

No remedy available as of July 9, 2011.

References:

BugTraq Mailing List, Mon Nov 24 2003 - 21:17:52 CST: Eudora 6.0.1 LaunchProtect.
BugTraq Mailing List, Wed May 21 2003 - 23:54:13 CDT: Eudora 5.2.1 attachment spoof.
BugTraq Mailing List, Wed Nov 12 2003 - 18:40:46 CST: Eudora 6.0.1 attachment spoof.
BugTraq Mailing List, Wed Nov 13 2002 - 14:44:50 CST : Eudora 5.2 attachment spoof .
Full-Disclosure Mailing List, Thu Mar 18 2004 - 20:39:26 CST: Eudora 6.0.3 attachment spoof, LaunchProtect.
Full-Disclosure Mailing List, Wed Aug 07 2002 - 16:49:20 CDT: Eudora attachment spoof .
BID-5432: Qualcomm Eudora File Attachment Spoofing Vulnerability
BID-7653: Qualcomm Eudora File Attachment Spoofing Variant Vulnerability
BID-9101: Qualcomm Eudora Attachment LaunchProtect Warning Bypass Weakness
CVE-2002-2351: Eudora 5.1 allows remote attackers to bypass security warnings and possibly execute arbitrary code via attachments with names containing a trailing . (dot).
CVE-2003-0336: Qualcomm Eudora 5.2.1 allows remote attackers to read arbitrary files via an email message with a carriage return (CR) character in a spoofed Attachment Converted: string, which is not properly handled by Eudora.

Platforms Affected:

Qualcomm Eudora 5.1
Qualcomm Eudora 5.2
Qualcomm Eudora 5.2.1
Qualcomm Eudora 6.0.1
Qualcomm Eudora 6.0.3

Reported:

Aug 08, 2002

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

For corrections or additions please email xforce@iss.net

Return to the main page