[26312] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: REFRESH: EUDORA MAIL 5.1.1

daemon@ATHENA.MIT.EDU (Doug Monroe)
Thu Jul 25 12:17:48 2002

X-Qmail-Scanner-Mail-From: monwel@interhack.net via fubar.desktoplive.com
Message-ID: <3D40045F.C412C89D@interhack.net>
Date: Thu, 25 Jul 2002 09:59:59 -0400
From: Doug Monroe <monwel@interhack.net>
MIME-Version: 1.0
To: http-equiv@malware.com
Cc: bugtraq@securityfocus.com, NTBugtraq@listserv.ntbugtraq.com,
        vuln-dev@securityfocus.com, full-disclosure@lists.netsys.com
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit

"http-equiv@excite.com" wrote:
> 
> Tuesday, July 23, 2002
> Trivial silent delivery and installation of an executable on a target
> computer. This  can be accomplished with the default installation of
> the mail client Eudora  5.1.1:
> 'allow executables in HTML content' DISABLED
> 'use Microsoft viewer' ENABLED
[snip]
> Working Example:
[snip]
> http://www.malware.com/boodora.txt
> 
> Notes: disable 'use Microsoft viewer'

A Eudora expert I am not, but I suppose one could also change
  HKCU/software/qualcomm/eudora/launchmanager/path#2  
from 
"c:\windows\application data\qualcomm\eudora\embedded" 
 or
"c:\program files\qualcomm\eudora pro\embedded" 
to some other, non-default folder name. 
New folder must exist before running eudora again.

And... add mhtml to "WarnExtentions#X" key values?


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[26312] in bugtraq

Re: REFRESH: EUDORA MAIL 5.1.1

daemon@ATHENA.MIT.EDU (Doug Monroe)Thu Jul 25 12:17:48 2002

daemon@ATHENA.MIT.EDU (Doug Monroe)
Thu Jul 25 12:17:48 2002