 |
|
|
Long Filename Mail Vulnerability
JULY 27, 1998
The Long Filename Mail vulnerability has been identified by a Finnish tester at OUSPG and is documented at AUSCERT. It affects the mail and news components of Netscape Communicator 4.0 through 4.05 and Netscape Communicator 4.5 Preview Release 1 on the Windows 3.1, 95, 98, and NT platforms. At this time Netscape does not believe that this vulnerability affects the Macintosh or Unix versions of Communicator. Although this vulnerability has been verified by Netscape, no customer incidents have been reported to Netscape. Netscape expects to make available a fix for Communicator 4.0x within two weeks. The Long Filename Mail vulnerability could allow an email or newsgroup message with an attachment that has a very long filename to execute malicious code on your computer. In order for the malicious code to cause problems, you must select the File menu while viewing the message.
Description of the Vulnerability
The Long Filename Mail vulnerability can cause one or more of the following to occur when you select the File menu while viewing a message that has an attachment with a long filename:
-
Communicator may quit unexpectedly.
-
Selecting the File menu may cause malicious code to be executed on your computer. Netscape is not aware of any users who have been affected by a malicious message.
How to Avoid the Vulnerability
Until a patch is available, configure Communicator to always view attachments as links, rather than display them inline. To do so, select the appropriate command on the View menu.
-
In Communicator 4.0 through 4.05, select View: Attachments: As Links.
-
In Communicator 4.5 Preview Release 1, if your menu reads View: View Attachments Inline, select this item to toggle it to viewing attachments as links.
If you view a message with an attachment that has a filename with 200 or more characters (this may appear as an attachment link that extends beyond the window width), follow these instructions:
-
Do NOT select the File menu under any circumstances when the message is selected.
-
You can save the attachment to your hard disk for viewing with another application by right-clicking on the attachment link in the message and selecting Save Link As.
-
It is recommended that you delete the message with the long filename attachment by clicking the Delete icon in the toolbar. You should delete the message whether or not you were able to save the attachment as described in the previous step.
-
If you need to exit Communicator while the suspect message is selected, click on the X icon in the upper-right corner of the window. Do not use the File menu to exit the application unless you have deleted the suspect message or have selected an alternate message.
Please note that not all attachments with filenames of 200 or more characters will necessarily be malicious.
Netscape recommends that users protect themselves by upgrading to a patch release for Communicator 4.0x when it is available in two weeks, or to Communicator 4.5 Preview Release 2, when it is available.
Versions and Platforms Affected
Netscape has confirmed that the security issue affects the mail and news components of Communicator for the following versions and platforms:
-
Netscape Communicator 4.0 through 4.05 on Windows 3.1, 95, 98, and NT platforms
-
Netscape Communicator 4.5 Preview Release 1 on Windows 95, 98, and NT platforms
Netscape believes that the following mail and news component versions are NOT affected:
-
Netscape Communicator 4.0 through 4.05 on Macintosh and Unix platforms
-
Netscape Communicator 4.5 Preview Release 1 on Macintosh and Unix platforms
-
Netscape Navigator 2.x and 3.x on all platforms
Information on How to Obtain a Fix
Netscape is testing a fix for Communicator 4.0x for Windows 3.1, 95, 98, and NT and expects to release it in the next two weeks. Check this page for details on where to download the fix for this vulnerability. For more information about security on Netscape products, visit the Security Notes page.
|
Partners | Reference & Evaluation | Security Notes