Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

netscapemail.txt

🗓️ 17 Aug 1999 00:00:00Reported by Packet StormType 
packetstorm
 packetstorm🔗 packetstormsecurity.com👁 18 Views

Netscape Mail crashes with certain pseudo mime attachments; potential exploit noted by user.

Code
`Date: Wed, 29 Jul 1998 10:04:05 +0200  
From: Paul Boehm <[email protected]>  
Subject: Re: netscape mail overflow(another one)  
  
On Tue, Jul 28, 1998 at 08:21:41PM +0200, Paul Boehm wrote:  
> Hi,  
> netscape mail crashes when trying to the attachment  
^- save  
> from the following pseudo mime mail:  
  
sorry for posting twice, but this is extremly important for the understanding  
of the original mail.  
  
bye,  
pb  
--  
  
[ Paul S. Boehm | [email protected] | http://paul.boehm.org/ | infected@irc ]  
  
Money is what gives a programmer his resources. It's an exchange system created  
by human beings. It surrounds us. Works for us, binds the economy together.  
  
----------  
  
Date: Tue, 28 Jul 1998 20:21:41 +0200  
From: Paul Boehm <[email protected]>  
Subject: netscape mail overflow(another one)  
  
Hi,  
netscape mail crashes when trying to the attachment  
from the following pseudo mime mail:  
  
From: Paul Boehm <[email protected]>  
To: [email protected]  
Subject: test  
Mime-Version: 1.0  
Content-Type: AAAAAAAAAAAAAAAAAAAAAA...; boundary=ABC123  
--ABC123  
Content-Type: text/plain; charset=us-ascii  
  
test123  
  
--ABC123  
Content-Type: application/octet-stream  
Content-Transfer-Encoding: base64  
Content-Disposition: attachment; filename="AA"  
  
H4sIAA7jvDUAA+3OOQ6EQBBD0Y45hY9QJejiPI1EBhJiuT+LiEeaAEj+SxzYgdfR09PcLMyU  
JLURdzZX3hopcm49vD6Ks/acZI8/O2zLWmYpTWUbfu/6+Y0/L+uGUn39AQAAAAAAAAAAAAAA  
AADwvx2CTC7aACgAAA==  
  
--ABC--  
  
i suppose this is exploitable, but i don't really know.  
i only tested this with win95 netscape 4.05.  
  
bye,  
paul  
  
--  
  
[ Paul S. Boehm | [email protected] | http://paul.boehm.org/ | infected@irc ]  
  
Money is what gives a programmer his resources. It's an exchange system created  
by human beings. It surrounds us. Works for us, binds the economy together.  
  
  
----------  
  
Date: Wed, 29 Jul 1998 10:34:04 -0700  
From: [email protected]  
Subject: Re: netscape mail overflow(another one)  
  
Netscape mail for Windows has an overflow in the body. This is evident when a spammer  
sends one of our customers a message with the text all on one line. You can reproduce  
by putting 32768 characters in a line, mail it to yourself, and try to download.  
Netscape chokes when reading the POP box and refuses to fetch the message. I  
just use netscape mail for Unix and the problem doesn't exist (gee, I wonder why :>)  
  
--Perry  
  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
17 Aug 1999 00:00Current
7.4High risk
Vulners AI Score7.4
netscape mailcrash issuepseudo mimeexploit potentialuser report.
18