lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <3D40045F.C412C89D@interhack.net>
From: monwel at interhack.net (Doug Monroe)
Subject: Re: REFRESH: EUDORA MAIL 5.1.1

"http-equiv@...ite.com" wrote:
> 
> Tuesday, July 23, 2002
> Trivial silent delivery and installation of an executable on a target
> computer. This  can be accomplished with the default installation of
> the mail client Eudora  5.1.1:
> 'allow executables in HTML content' DISABLED
> 'use Microsoft viewer' ENABLED
[snip]
> Working Example:
[snip]
> http://www.malware.com/boodora.txt
> 
> Notes: disable 'use Microsoft viewer'

A Eudora expert I am not, but I suppose one could also change
  HKCU/software/qualcomm/eudora/launchmanager/path#2  
from 
"c:\windows\application data\qualcomm\eudora\embedded" 
 or
"c:\program files\qualcomm\eudora pro\embedded" 
to some other, non-default folder name. 
New folder must exist before running eudora again.

And... add mhtml to "WarnExtentions#X" key values?

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ