Eudora e-mail hole discovered

Clever exploit hides the attachment

A malicious attachment in Eudora mail which could allow a miscreant to execute code on a victim's machine can be completely concealed and activated by clicking on a hyperlink, Peacefire.org Webmaster Bennett Haselton has discovered. When a recipient clicks the link, the code is executed. The exploit conceals the attachment and bypasses the warning that an attached file is about to be executed. In this case, the .exe extension is changed to .lnk, which Eudora does not by default warn about. To make the exploit more effective, the command to execute it can be embedded in a hyperlink, which can also be devised to prevent Eudora from indicating that an attachment is present. Qualcomm recommends that users edit their Eudora.ini file and insert the following: WarnLaunchExtensions=exe|com|bat|cmd|pif|htm|do|xl|reg|lnk| Full details are available on the Peacefire Web site here. ®

Sponsored: 5 critical considerations for enterprise cloud backup