Re: oulook resource exhaustion

[Strumpf Noir Society <vuln-dev () labs secureance com>]

Hi again,

I just got a LOT of virus scanners who're reporting time-outs on the
attachment from below message. Any thoughts where those came from?

Xander

Saturday, January 12, 2002, 9:55:24 AM, you wrote:

SNS> Hi,

SNS> While trying to "persuade" a web mail application in logging me in, I
SNS> came across a lil' resource exhaustion "attack" against MS Outlook 98.
SNS> Unfortunately, the test system was running Win95 as well and due to

SNS> http://support.microsoft.com/default.aspx?scid=%2Fsupport%2Fsupportnet%2Fsuppobsolescence%2Easp

SNS> neither product is eligble for patches etc anyways. I was wondering
SNS> wether anyone could help me compile some more versioning info on this
SNS> to see wether it works on more recent installs as well?

SNS> Attached is a malformed message file. If it is unzipped to a directory
SNS> and renamed from .xxx to .msg it will cause Explorer.exe and/or
SNS> Outlook to start consuming system resources by either viewing it or
SNS> its directory. (I would not advice putting it in a system dir)

SNS> The test system was running MS Outlook 98 (8.5.6204.0) with the MSIE
SNS> 4.72.3612.1713 (SP2) (it worked on a similar setup with MSIE
SNS> 5.00.3105.0106 (SP1) as well).

SNS> Any known patches etc for this?

SNS> Thanks,

SNS> X. Teunissen





-- 
Best regards,
 Strumpf Noir Society                            mailto:vuln-dev () labs secureance com


"Mere accumulation of observational evidence is not proof."

-- Death, "The Hogfather"