[7492] in bugtraq
Re: Long attachment filename exploits: a procmail filter
daemon@ATHENA.MIT.EDU (John D. Hardin)
Thu Jul 30 14:06:59 1998
Date: Wed, 29 Jul 1998 20:42:46 -0700
Reply-To: "John D. Hardin" <jhardin@WOLFENET.COM>
From: "John D. Hardin" <jhardin@WOLFENET.COM>
X-To: Brett Glass <brett@lariat.org>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <199807300237.UAA21468@lariat.lariat.org>
On Wed, 29 Jul 1998, Brett Glass wrote:
> Finally, there are other possible exploits, like a very long content
> type, that might also lead to buffer oveflows in mail clients. These
> should be checked too.
Okay, very long Content-Type headers are now sanitized as well.
Grab the latest from http://www.wolfenet.com/~jhardin/html-trap.procmail
and take a look.
--
John Hardin KA7OHZ jhardin@wolfenet.com
pgpk -a finger://gonzo.wolfenet.com/jhardin PGP key ID: 0x41EA94F5
PGP key fingerprint: A3 0C 5B C2 EF 0D 2C E5 E9 BF C8 33 A7 A9 CE 76
-----------------------------------------------------------------------
Your mouse has moved. Windows NT must be restarted for the change
to take effect. Reboot now? [ OK ]
-----------------------------------------------------------------------
88 days until Daylight Savings Time ends
