Vulnerability Development: Re: jump2.eudora.com

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Vulnerability Development mailing list archives

Re: jump2.eudora.com

From: Matt Zimmerman <mdz () CSH RIT EDU>
Date: Mon, 28 Aug 2000 00:11:30 -0400

On Sun, Aug 27, 2000 at 04:32:58PM -0400, William Daskaluk wrote:

So it sent a request to jump2.eudora.com which looks like the following...

GET /jump.cgi?action=update&platform=Windows 98
v.04.10.2222&product=Eudora&version=4.3.2

All that other junk in the tcpdump was just your computer negotiating a
connection.

Where exactly is this 'information' that eudora is sending?  It looks to me like
it is simply checking to see if a newer version of Eudora is available.


- The OS and version running on the origin host
- The version of Eudora running on the origin host
- The fact that the origin host is probably used for reading mail
- A hint that the origin host is probably a single-user system (where security
  tends to be weaker)

Probably harmless in most situations, but there should be an option to disable
this check for the benefit of security-paranoid and privacy-conscious users.

-- 
 - mdz

Attachment: _bin
Description:

By Date By Thread

Current thread:

jump2.eudora.com William Daskaluk (Aug 27)
- Re: jump2.eudora.com Matt Zimmerman (Aug 28)
  - Re: jump2.eudora.com Brad Griffin (Aug 28)
    - Re: jump2.eudora.com Erik Tayler (Aug 28)
    - Re: jump2.eudora.com Bluefish (P.Magnusson) (Aug 29)
  - Re: jump2.eudora.com Teicher, Mark (Aug 29)
- Re: jump2.eudora.com Fabio Roccatagliata (Aug 28)