[ISN] Qualcomm warns of Eudora security hole
From: William Knowles (wk C4I.ORG)
Date: Fri Apr 28 2000 - 09:10:34 CDT
http://news.cnet.com/news/0-1005-200-1773077.html?tag=st.ne.fd.lthd.1005-200-1773077
By Paul Festa
Staff Writer, CNET News.com
April 27, 2000, 3:10 p.m. PT
Qualcomm is urging people who use Eudora to guard against a
potentially dangerous security vulnerability.
Normally, before Eudora and similar email applications will run an
executable file attached to an email message, they will present a
warning that asks whether the recipient wants to risk running
untrusted code on the computer. But in an exploit devised by bug
hunter and anticontent-filtering advocate Bennett Haselton, a hostile
email sender can circumvent that warning.
"This is a potential way to get around Eudora's ability to warn people
that something dangerous could happen," said Jeff Beckley, technical
lead for Windows Eudora at Qualcomm.
Haselton's exploit works by attaching an executable (".exe") file and
linking to that file from the body of the message through another
attached file, this one of the Windows shortcut file type (".lnk").
If someone were to click directly on an ".exe" file, Eudora would
flash a warning. But routed through the ".lnk" file, the executable
gets a free pass.
Moreover, Haselton's demonstration works by disguising the ".lnk"
extension, making the ruse effective against more savvy individuals.
Beckley said Qualcomm would add ".lnk" to its list of file extensions
that earn warnings in the next iteration of Eudora for the Windows
operating system, version 4.3.2. Beckley described that version as
"weeks away."
In the meantime, people can take matters into their own hands by
changing security clearance settings themselves. Those with Windows
Eudora 4.2 and higher can copy this link into a Eudora composition
message and click on the "OK" button that follows:
x-Eudora-option:WarnLaunchExtensions=exe|com|bat|cmd|pif|htm|do|xl|reg|lnk|.
Others who use Eudora should find the "Eudora.ini" file in their
Eudora program file and add
"WarnLaunchExtensions=exe|com|bat|cmd|pif|htm|do|xl|reg|lnk|" after
the line that has the text "Settings."
*-------------------------------------------------*
"Communications without intelligence is noise;
Intelligence without communications is irrelevant."
Gen. Alfred. M. Gray, USMC
---------------------------------------------------
C4I Secure Solutions http://www.c4i.org
*-------------------------------------------------*
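The Eudora.ini change described in the article, as an added example that is not part of the original post or any Qualcomm code: a Python check that makes sure `WarnLaunchExtensions` in the settings section lists every extension from the article, `lnk` included, without discarding entries already there. It assumes the "Settings" line is an INI section header written `[Settings]`; the function name and the sample ini content are constructed.

```python
KEY = "WarnLaunchExtensions"
# Extension list exactly as given in the article; "lnk" is the new entry.
REQUIRED = ["exe", "com", "bat", "cmd", "pif", "htm", "do", "xl", "reg", "lnk"]

def harden_ini(text):
    """Return (new_text, changed) with KEY in [Settings] covering REQUIRED."""
    newline = "\r\n" if "\r\n" in text else "\n"
    lines = text.splitlines()
    in_settings, header_idx = False, None
    for i, line in enumerate(lines):
        s = line.strip()
        if s.startswith("[") and s.endswith("]"):
            # Assumption: the "Settings" line is an INI section header.
            in_settings = s[1:-1].strip().lower() == "settings"
            if in_settings and header_idx is None:
                header_idx = i
            continue
        if not in_settings or "=" not in s:
            continue
        name, value = s.split("=", 1)
        if name.strip().lower() != KEY.lower():
            continue
        # Keep whatever the user already listed, append only what is missing.
        present = [e.strip() for e in value.split("|") if e.strip()]
        have = {e.lower() for e in present}
        missing = [e for e in REQUIRED if e not in have]
        if not missing:
            return text, False
        lines[i] = KEY + "=" + "|".join(present + missing) + "|"
        return newline.join(lines) + newline, True
    # Key absent: add it directly after the header, creating the section if needed.
    entry = KEY + "=" + "|".join(REQUIRED) + "|"
    if header_idx is None:
        lines += ["[Settings]", entry]
    else:
        lines.insert(header_idx + 1, entry)
    return newline.join(lines) + newline, True

if __name__ == "__main__":
    # Constructed sample: an ini whose warning list lacks "lnk".
    sample = "[Settings]\r\nWarnLaunchExtensions=exe|com|bat|\r\nRealName=Test User\r\n"
    fixed, changed = harden_ini(sample)
    print("changed:", changed)
    print(fixed)
```

Running the function a second time on its own output reports no change, so it can be used as an audit as well as a fix.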