Eudora 4.2/4.3警告信息规避漏洞

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1105806 漏洞类型 设计错误
发布时间 2000-04-28 更新时间 2005-10-12
CVE编号 CVE-2000-0342 CNNVD-ID CNNVD-200004-078
漏洞平台 Windows CVSS评分 5.0
|漏洞来源
https://www.exploit-db.com/exploits/19885
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200004-078
|漏洞详情
Eudora4.x存在漏洞,远程攻击者可以利用这个漏洞绕过用户警告,通过使用引用附件的.lnk文件执行例如.exe,.com,和.bat的附件。
|漏洞EXP
source: http://www.securityfocus.com/bid/1157/info

A malicious email sender can circumvent warning messages that would normally display when a user attempts to view executable attachments in Eudora 4.2/4.3. Eudora does not prompt a user with the warning message if they are attempting to open a file that is neither .exe, .com, or .bat.

Inserting the tag
<a  href="file:///c:/eudora/attach/file.lnk"\>http ://www.example.com</ a>
in an email message will display as:
http ://www.example.com
in a Eudora email client.

Therefore, when a user clicks on this link, it will automatically open up the executable file without warning.
|参考资料

来源:www.peacefire.org
链接:http://www.peacefire.org/security/stealthattach/explanation.html
来源:news.cnet.com
链接:http://news.cnet.com/news/0-1005-200-1773077.html?tag=st.ne.fd.lthd.1005-200-1773077
来源:BID
名称:1157
链接:http://www.securityfocus.com/bid/1157