Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

netscapemail.txt

🗓️ 17 Aug 1999 00:00:00Reported by Packet StormType 
packetstorm
 packetstorm🔗 packetstormsecurity.com👁 15 Views

Netscape Mail crashes with certain pseudo mime attachments; potential exploit noted by user.

Show more
Code
`Date: Wed, 29 Jul 1998 10:04:05 +0200  
From: Paul Boehm <[email protected]>  
Subject: Re: netscape mail overflow(another one)  
  
On Tue, Jul 28, 1998 at 08:21:41PM +0200, Paul Boehm wrote:  
> Hi,  
> netscape mail crashes when trying to the attachment  
^- save  
> from the following pseudo mime mail:  
  
sorry for posting twice, but this is extremly important for the understanding  
of the original mail.  
  
bye,  
pb  
--  
  
[ Paul S. Boehm | [email protected] | http://paul.boehm.org/ | infected@irc ]  
  
Money is what gives a programmer his resources. It's an exchange system created  
by human beings. It surrounds us. Works for us, binds the economy together.  
  
----------  
  
Date: Tue, 28 Jul 1998 20:21:41 +0200  
From: Paul Boehm <[email protected]>  
Subject: netscape mail overflow(another one)  
  
Hi,  
netscape mail crashes when trying to the attachment  
from the following pseudo mime mail:  
  
From: Paul Boehm <[email protected]>  
To: [email protected]  
Subject: test  
Mime-Version: 1.0  
Content-Type: AAAAAAAAAAAAAAAAAAAAAA...; boundary=ABC123  
--ABC123  
Content-Type: text/plain; charset=us-ascii  
  
test123  
  
--ABC123  
Content-Type: application/octet-stream  
Content-Transfer-Encoding: base64  
Content-Disposition: attachment; filename="AA"  
  
H4sIAA7jvDUAA+3OOQ6EQBBD0Y45hY9QJejiPI1EBhJiuT+LiEeaAEj+SxzYgdfR09PcLMyU  
JLURdzZX3hopcm49vD6Ks/acZI8/O2zLWmYpTWUbfu/6+Y0/L+uGUn39AQAAAAAAAAAAAAAA  
AADwvx2CTC7aACgAAA==  
  
--ABC--  
  
i suppose this is exploitable, but i don't really know.  
i only tested this with win95 netscape 4.05.  
  
bye,  
paul  
  
--  
  
[ Paul S. Boehm | [email protected] | http://paul.boehm.org/ | infected@irc ]  
  
Money is what gives a programmer his resources. It's an exchange system created  
by human beings. It surrounds us. Works for us, binds the economy together.  
  
  
----------  
  
Date: Wed, 29 Jul 1998 10:34:04 -0700  
From: [email protected]  
Subject: Re: netscape mail overflow(another one)  
  
Netscape mail for Windows has an overflow in the body. This is evident when a spammer  
sends one of our customers a message with the text all on one line. You can reproduce  
by putting 32768 characters in a line, mail it to yourself, and try to download.  
Netscape chokes when reading the POP box and refuses to fetch the message. I  
just use netscape mail for Unix and the problem doesn't exist (gee, I wonder why :>)  
  
--Perry  
  
`

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
17 Aug 1999 00:00Current
7.4High risk
Vulners AI Score7.4
netscape mailcrash issuepseudo mimeexploit potentialuser report.
15
.json
Report