[31851] in bugtraq
Re[2]: base64
daemon@ATHENA.MIT.EDU (3APA3A)
Fri Sep 26 16:25:51 2003
Date: Fri, 26 Sep 2003 22:02:56 +0400
From: 3APA3A <3APA3A@SECURITY.NNOV.RU>
Reply-To: 3APA3A <3APA3A@SECURITY.NNOV.RU>
Message-ID: <622711973.20030926220256@SECURITY.NNOV.RU>
To: Earl Hood <earl@earlhood.com>
Cc: bugtraq@securityfocus.com, Bennett Todd <bet@rahul.net>,
MightyE <trash@mightye.org>, Lawrence MacIntyre <lpz@ornl.gov>
In-Reply-To: <200309252346.h8PNkbU23630@gator.earlhood.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=Windows-1251
Content-Transfer-Encoding: 8bit
Dear Earl Hood,
Signature is applied to decoded message. If encoding is broken there is
no need to try to keep signature. Reassembling message is really best
solution. But there are another ways to bypass message reassembling.
Some of them can be found in
http://www.security.nnov.ru/advisories/content.asp
--Friday, September 26, 2003, 3:46:36 AM, you wrote to bugtraq@securityfocus.com:
>> limits. Recode base64. Recode uuencoded chunks. Regularize
>> non-standard MIME.
EH> You cannot do this for signed messages, therefore, you still
EH> need to either decode in all possible ways or drop the message
EH> (or the offending entity).
EH> --ewh
--
~/ZARAZA
Ибо факты есть факты, и изложены они лишь для того, чтобы их поняли и в них поверили. (Твен)
