<<< Date Index >>>     <<< Thread Index >>>

[SNS Advisory No.69] Eudora "Reply-To-All" Buffer Overflow Vulnerability



----------------------------------------------------------------------
SNS Advisory No.69
Eudora "Reply-To-All" Buffer Overflow Vulnerability

Problem first discovered on: Thu, 09 Jan 2003
Published on: Mon, 10 Nov 2003
----------------------------------------------------------------------

Overview:
---------
  Eudora for Windows contains a buffer overflow vulnerability, which 
  could allow a remote attacker to execute arbitrary code.


Problem Description:
--------------------
  The buffer overflow occurs when Eudora receives an e-mail message 
  with a  "From" or "Reply-To" header containing an unusually long string 
  of characters, and then attempts to "Reply To All."


Tested Versions:
----------------
  Eudora 5.1-J for Windows [Japanese]
  Eudora 5.2.0.9 for Windows [English]
  Eudora 5.2.1 for Windows [English]


Solution:
---------
  Upgrade to the fixed version below:

  Eudora 5.1-Jr3 for Windows [Japanese] and above
  Eudora Version 6.0 for Windows [English] and above


Discovered by:
--------------
  Hisayuki Shinmachi


Chronology of Events:
---------------------
   9 Jan 2003 :  We discovered the vulnerability
  21 Jan 2003 :  We reported the findings to EDGE Co., Ltd. and 
                 QUALCOMM Inc.
     Mar 2003 :  Eudora 5.1-Jr3 was released by EDGE Co., Ltd.
  25 Jun 2003 :  We reported the findings to CERT/CC and JPCERT/CC
                 because we didn't get any response from QUALCOMM Inc.
   4 Oct 2003 :  We confirmed that the problem has been fixed in Eudora 
                 Version 6.0 for Windows[English]
  10 Nov 2003 :  We disclosed this vulnerability


Disclaimer: 
-----------
  The information contained in this advisory may be revised without prior 
  notice and is provided as it is. Users shall take their own risk when 
  taking any actions following reading this advisory. LAC Co., Ltd. shall 
  take no responsibility for any problems, loss or damage caused by, or by 
  the use of information provided here.

  This advisory can be found at the following URL: 
  Reference: http://www.lac.co.jp/security/english/snsadv_e/69_e.html


------------------------------------------------------------------
Secure Net Service(SNS) Security Advisory <snsadv@xxxxxxxxx>
Computer Security Laboratory, LAC  http://www.lac.co.jp/security/