exploits , vulnerabilities , articles , Rit Research Labs "The Bat!" Concealed Attachment Vulnerability

Title	Rit Research Labs "The Bat!" Concealed Attachment Vulnerability
Published	2001-04-02-12:00AM
Updated	2001-04-03-04:27PM
Class	Unknown
CVE	CAN-2001-0398
Remote	Yes
Local	No
Credit	Reported to bugtraq by "http-equiv@excite.com" <http-equiv@excite.com> (c/o http://www.malware.com) on Mon, 2 Apr 2001
Vulnerable	Rit Research Labs The Bat! 1.101 Rit Research Labs The Bat! 1.49 Rit Research Labs The Bat! 1.48 Rit Research Labs The Bat! 1.47 Rit Research Labs The Bat! 1.46 Rit Research Labs The Bat! 1.45 Rit Research Labs The Bat! 1.44 Rit Research Labs The Bat! 1.43 Rit Research Labs The Bat! 1.42 f Rit Research Labs The Bat! 1.42 Rit Research Labs The Bat! 1.41 Microsoft Windows 95 Microsoft Windows 98 Microsoft Windows NT 4.0 Rit Research Labs The Bat! 1.39 Microsoft Windows 95 Microsoft Windows 98 Microsoft Windows NT 4.0 Rit Research Labs The Bat! 1.36 Rit Research Labs The Bat! 1.35 Rit Research Labs The Bat! 1.34 Rit Research Labs The Bat! 1.33 Rit Research Labs The Bat! 1.32 Rit Research Labs The Bat! 1.31 Rit Research Labs The Bat! 1.22 Rit Research Labs The Bat! 1.21 Rit Research Labs The Bat! 1.19 Rit Research Labs The Bat! 1.18 Rit Research Labs The Bat! 1.17 Rit Research Labs The Bat! 1.15 Rit Research Labs The Bat! 1.14 Rit Research Labs The Bat! 1.1 Rit Research Labs The Bat! 1.0 43 Rit Research Labs The Bat! 1.0 41 Rit Research Labs The Bat! 1.0 39 Rit Research Labs The Bat! 1.0 37 Rit Research Labs The Bat! 1.0 36 Rit Research Labs The Bat! 1.0 35 Rit Research Labs The Bat! 1.0 32 Rit Research Labs The Bat! 1.0 31 Rit Research Labs The Bat! 1.0 29 Rit Research Labs The Bat! 1.0 28 Rit Research Labs The Bat! 1.0 15 Rit Research Labs The Bat! 1.0 11 Rit Research Labs The Bat! 1.0 build 1349 Rit Research Labs The Bat! 1.0 build 1336
Not Vulnerable
Code	See http://www.malware.com/guano.eml From original bugtraq post: "We are able to blind the The BAT! ~..~ with trivial file extension modifications and carefully calculated file name lengths: Content-Type:image/gif; Content-Transfer-Encoding: base64 Content-Disposition: inline; filename=" what's this? .gif.exe" Will create an inline attachment, which, while not important will not be indicted in the in-box. What is important is that the attachment viewed once the mail message has been opened will be with the icon of something else. On two win98 machines, we achieved the icon of a folder: (screen shot: http://www.malware.com/guano.jpg 32KB)"
TXT

Vulnerabilities - newest 10 RSS | More

2009-12-19 Serv-U File Server User Directory Information Disclosure Vulnerability
2009-12-18 ReVou Comment Field HTML Injection Vulnerability
2009-12-18 Adobe Flash Media Server Resource Exhaustion Remote Denial of Service Vulnerability
2009-12-18 Centreon Authentication Mechanism Security Bypass Vulnerability
2009-12-18 Family Connections Multiple Input Validation Vulnerabilities
2009-12-18 Drupal Contact and Menu Modules Multiple HTML Injection Vulnerabilities
2009-12-18 Mozilla Firefox and SeaMonkey NTLM Credential Reflection Authentication Bypass Vulnerability
2009-12-18 Mozilla Firefox CVE-2009-3982 JavaScript Engine Multiple Remote Memory Corruption Vulnerabilities
2009-12-17 Zen Cart Insecure File and Programs Information Disclosure and Database Deletion Vulnerability
2009-12-17 Winamp Module Decoder Plugin Multiple Buffer Overflow Vulnerabilities