What is this Eudora security hole attack?
Craig Daters
craig at WESTPRESS.COM
Wed Mar 3 15:55:38 GMT 2004
>If you click on an exe in Eudora it will pop up a box telling you
>executing this file could be dangerous but, on some versions,
>if you click on a shortcut (.lnk) to the same exe attachment it
>will run it without warning. And shortcuts can be quite dangerous
>because they execute another file such as, say format C: or the
>shortcut
>points to "c:\windows\commands\deltree.exe /Y c:\"
Thank you, that explains it. And "thank you" to everyone else that
gave their input. All the information submitted was helpful.
>I would look at the size of the attachments and the
>tools->accounts-advanced
>tab and see if it's set to breakup messages over xxx bytes (seems
>like the
>default is like 2mg)
[- snip -]
>There lucky they get through, I do not allow multi-part messages
>because they cannot be scanned for viruses or content... bad
>mojo.
Yes, I agree it is bad mojo. I bet this feature was implemented to
try and overcome the filesize limit imposed by some ISP regarding
file attachments. I think file attachments are bad anyway, and never
pass up an opportunity to try and sell FTP to someone.
--
--
Craig Daters (craig at westpress.com)
Systems Administrator
West Press Printing
1663 West Grant Road
Tucson, Arizona 85745-1433
Tel: 520-624-4939
Fax: 520-624-2715
www.westpress.com
--
More information about the MailScanner
mailing list