Bugtraq mailing list archives

Re: Buffer Overflow in MS Outlook Email Clients

From: bednar () RAK ISTERNET SK (bednar () RAK ISTERNET SK)
Date: Tue, 18 Jul 2000 23:23:57 +0200


Hello,

The bug lies in the shared library INETCOMM.DLL and has been successfully
exploited on Windows 95, 98 and NT with both Outlook and Outlook Express.


Yes, so what is interesting:

PGPMSIMN caused an invalid page fault in
module INETCOMM.DLL at 0137:5ec076c2.
Registers:
EAX=0000016a CS=0137 EIP=5ec076c2 EFLGS=00010293
EBX=70bd19da SS=013f ESP=00e1cc44 EBP=00e1cd3c
ECX=00000000 DS=013f ESI=3243eae2 FS=330f
EDX=0000016b ES=013f EDI=59ab5ec0 GS=0000
Bytes at CS:EIP:
89 0e 89 0f 75 3a 83 f8 05 0f 87 ac b3 02 00 48
Stack dump:
00471348 00e1cd86 70bd19da 65f014db 00400000 bff798cf 81612318 00000000
5ec030e6 00452bac 0045264c 00e1d008 00e1d00c 00000472 00000e10 00471344

Yes, even PGP plugin for MSIE (for what else too???) is vulnerable. Trying to build
a secure system using insecure components (e.g. Windows). 

     Juraj.

<HR NOSHADE>
<UL>
<LI>application/pgp-signature attachment: stored
</UL>

Current thread:

[Security Announce] MDKSA-2000:021 nfs-utils update, (continued)
- - - [Security Announce] MDKSA-2000:021 nfs-utils update Linux Mandrake Security Team (Jul 18)
    - Microsoft Security Bulletin (MS00-043) Microsoft Product Security (Jul 19)
    - Remotely Exploitable Buffer Overflow in Outlook "Malformed E-mail MIME Header" Vulnerability Ussr Labs (Jul 19)
    - Re: [RHSA-2000:043-02] Updated package for nfs-utils available Joe Laffey (Jul 18)
    - Re: [RHSA-2000:043-02] Updated package for nfs-utils available Kurt Seifried (Jul 18)
    - @stake Security Advisory: NetZero Password Algorithm Brian Carrier (Jul 18)
    - Re: @stake Security Advisory: NetZero Password Algorithm Dan Kaminsky (Jul 18)
    - Re: @stake Security Advisory: NetZero Password Algorithm Damien Miller (Jul 20)
    - Multiple bugs in Alibaba 2.0 Prizm (Jul 18)
    - Buffer Overflow in MS Outlook Email Clients Aaron Drew (Jul 19)
    - Re: Buffer Overflow in MS Outlook Email Clients bednar () RAK ISTERNET SK (Jul 18)
    - Re: Buffer Overflow in MS Outlook Email Clients chris.paget () ANALYSYS COM (Jul 19)
    - Re: Buffer Overflow in MS Outlook Email Clients Elias Levy (Jul 21)
  - [Fwd: linux-ftpd 0.16 is also vulnerable] Paulo Ribeiro (Jul 17)
- "Absent Directory Browser Argument" DoS Peter Grundl (Jul 15)
- Lots and lots of fun with rpc.statd Daniel Jacobowitz (Jul 16)