[15394] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

NAI WebShield SMTP does not scan base64 encoding

daemon@ATHENA.MIT.EDU (chris.paget@ANALYSYS.COM)
Tue Jun 20 12:58:57 2000

Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Message-Id:  <39596b95.85048973@eagle.analysys.co.uk>
Date:         Tue, 20 Jun 2000 13:08:27 GMT
Reply-To: chris.paget@analysys.com
From: chris.paget@ANALYSYS.COM
To: BUGTRAQ@SECURITYFOCUS.COM
Content-Transfer-Encoding: 8bit

While investigating todays virus outbreak (Stages.Worm), I noticed
that our email virus scanner (NAI WebShield SMTP 4.5, engine 4.0.50,
DAT 4.0.4082, 14/06/00) was not picking up all attachments.  
The server is configured to block all SHS, VBS, etc attachments, and
notify the sender.  However, when these are sent as Base64 encoding
(rather than 8-bit), they are passed by the server, and could
potentially infect the network.  8-bit attachments are successfully
scanned (and blocked if necessary).

Chirs


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[15394] in bugtraq

NAI WebShield SMTP does not scan base64 encoding

daemon@ATHENA.MIT.EDU (chris.paget@ANALYSYS.COM)Tue Jun 20 12:58:57 2000

daemon@ATHENA.MIT.EDU (chris.paget@ANALYSYS.COM)
Tue Jun 20 12:58:57 2000