On Mon, 8 Feb 1999, Michal Zalewski wrote: > Hmm, but take a look at this message: > > ************************** MIME MESSAGE FOLLOWS ************************** > From: Attacker <attackerat_private> > To: Victim <victimat_private> > Subject: Happy birthday > ... > MIME-Version: 1.0 > Content-Type: MULTIPART/MIXED; BOUNDARY="8323328-235065145-918425607=:319" > > --8323328-235065145-918425607=:319 > Content-Type: TEXT/PLAIN; charset='US-ASCII' > > Make a wish... > > --8323328-235065145-918425607=:319 > Content-Type: TEXT/PLAIN; charset=``touch${IFS}ME``; name="logexec.c" > Content-Transfer-Encoding: BASE64 > Content-Description: wish > Content-Disposition: attachment; filename="wish.c" > > ...it could be your last. > *************************** MIME MESSAGE ENDS *************************** Okay, I have added `` -> " conversion to my procmail MIME sanitizer. Michal, is that the only way to exploit this? Or should there be ` -> ' conversion as well? See http://www.wolfenet.com/~jhardin/procmail-security.html for details. -- John Hardin KA7OHZ jhardinat_private pgpk -a finger://gonzo.wolfenet.com/jhardin PGP key ID: 0x41EA94F5 PGP key fingerprint: A3 0C 5B C2 EF 0D 2C E5 E9 BF C8 33 A7 A9 CE 76 ----------------------------------------------------------------------- Your mouse has moved. Windows NT must be restarted for the change to take effect. Reboot now? [ OK ] ----------------------------------------------------------------------- 101 days until Star Wars episode I
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:33:13 PDT