Bugtraq mailing list archives
Re: Microsoft Security Bulletin (MS98-008)
From: brett () LARIAT ORG (Brett Glass)
Date: Tue, 28 Jul 1998 18:38:01 -0600
InfoWorld, at http://www.infoworld.com/cgi-bin/displayStory.pl?980728.ehbugs.htm, claims that the MIME filename overflow exploit affects Eudora. Is this correct? This is the first I've heard of that mailer being vulnerable. After seeing the QPopper holes and at least two bugs in Eudora that appear to be due to buffer overruns, I'm willing to believe that Qualcomm has a general problem with code quality, especially vis-a-vis safe string coding. But has Qualcomm stated "yea" or "nay" on this? Or has anyone actually crashed Eudora via this bug? --Brett
Current thread:
- Re: Microsoft Security Bulletin (MS98-008) Eric Hunter (Jul 27)
- <Possible follow-ups>
- Re: Microsoft Security Bulletin (MS98-008) Aleph One (Jul 28)
- Re: Microsoft Security Bulletin (MS98-008) Brett Glass (Jul 28)
- Re: Microsoft Security Bulletin (MS98-008) Brett Glass (Jul 28)
- Re: Microsoft Security Bulletin (MS98-008) John Ladwig (Jul 29)
- Re: Microsoft Security Bulletin (MS98-008) David Kozinn (Jul 29)
- Re: Microsoft Security Bulletin (MS98-008) Brett Glass (Jul 29)