[7451] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: Microsoft Security Bulletin (MS98-008)

daemon@ATHENA.MIT.EDU (Brett Glass)
Wed Jul 29 02:20:41 1998

Date: 	Tue, 28 Jul 1998 18:38:01 -0600
Reply-To: Brett Glass <brett@LARIAT.ORG>
From: Brett Glass <brett@LARIAT.ORG>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To:  <Pine.SUN.4.01.9807271153280.15495-100000@dfw.nationwide.ne t>

InfoWorld, at http://www.infoworld.com/cgi-bin/displayStory.pl?980728.ehbugs.htm,
claims that the MIME filename overflow exploit affects Eudora. Is this correct?
This is the first I've heard of that mailer being vulnerable.

After seeing the QPopper holes and at least two bugs in Eudora that appear to be due to
buffer overruns, I'm willing to believe that Qualcomm has a general problem with
code quality, especially vis-a-vis safe string coding. But has Qualcomm stated
"yea" or "nay" on this? Or has anyone actually crashed Eudora via this bug?

--Brett


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[7451] in bugtraq

Re: Microsoft Security Bulletin (MS98-008)

daemon@ATHENA.MIT.EDU (Brett Glass)Wed Jul 29 02:20:41 1998

daemon@ATHENA.MIT.EDU (Brett Glass)
Wed Jul 29 02:20:41 1998