[ advisories | exploits | discussions | news | conventions | security tools | texts & papers ]
 main menu
- feedback
- advertising
- privacy
- FightAIDS
- newsletter
- news
- read forum
- new topic
- search

- meetings list
- recent additions
- add your info
 top 100 sites
- visit top sites
- sign up now
- members

- add your url
- add domain
- search box
- link to us

- our projects
- free email
 m4d network
- security software
- secureroot
- m4d.com
Home : Advisories : Eudora Vulnerability

Title: Eudora Vulnerability
Released by: The Freedom Factory
Date: 19th September 2000
Printable version: Click here


by Louis-Eric Simard, Security Consultant (Louis-Eric@Simard.com)


   September 19th 2000


   Windows 2000 [5.00.2195] running Eudora 4.3.2. Later versions of Eudora

have not been tested.


   A malicious intruder can easily take control of a Windows environment by

simply sending one or more e-mails containing attachments conforming to

   the description set in the Georgi Guninski security advisory #21 if the

receiver is using Eudora as a mail client.


   Eudora saves all attachments in a single directory upon receiving the

mail; a mail message need not be open for its attachment to be decoded

   and saved in that common directory. An intruder need only send an e-mail

with a trojaned DLL as described in the Guninski advisory, along with

   or followed by an e-mail containing a Word document.


   A dummy RICHED20.DLL file is attached here. To test the security hole,

simply mail this file along with the supplied (or any) Word file, then

   click on the Word file. After a few seconds, a message box titled

"Gotcha" will appear, indicating "Fake RICHED20.DLL loaded."


   Gergi Guninski for pointing out this issue in the first place.


   Please send suggestions, updates and comments to Louis-Eric@Simard.com.


   Louis-Eric Simard and The Freedom Factory, Inc. are not responsible for

the misuse of any of the information they provide through their security

   advisories. Our advisories are a service to the information security

community intended to promote safe computing practices and warn users of

   possible security breaches. The information within this document may

change without notice. Use of this information constitutes acceptance for

   use in an AS IS condition. There are NO warranties with regard to this

information. In no event shall the author(s) be liable for any consequences

   whatsoever arising out of or in connection with the use or spread of

this information. Any use of this information lays within the user's



   This advisory and acocmpanying document(s), if any, are the property of

The Freedom Factory, Inc. All rights reserved.

(C) 1999-2000 All rights reserved.