procmail
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Long attachment filename exploits: a procmail filter

1998-07-29 21:07:43
from [John D. Hardin] [Permanent Link] 
On Wed, 29 Jul 1998, Brett Glass wrote:


Finally, there are other possible exploits, like a very long content
type, that might also lead to buffer oveflows in mail clients. These
should be checked too. 


Okay, very long Content-Type headers are now sanitized as well.

Grab the latest from http://www.wolfenet.com/~jhardin/html-trap.procmail
and take a look.

--
 John Hardin KA7OHZ                               
jhardin(_at_)wolfenet(_dot_)com
 pgpk -a finger://gonzo.wolfenet.com/jhardin    PGP key ID: 0x41EA94F5
 PGP key fingerprint: A3 0C 5B C2 EF 0D 2C E5  E9 BF C8 33 A7 A9 CE 76 
-----------------------------------------------------------------------
  Your mouse has moved. Windows NT must be restarted for the change
  to take effect. Reboot now?  [ OK ]
-----------------------------------------------------------------------
   88 days until Daylight Savings Time ends
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
  • Re: Long attachment filename exploits: a procmail filter, John D. Hardin <=
Previous by Date:  Re: help!!!, denisz
Next by Date:  Re: Help! Need to use procmail to fight dangerous security exploit, Walter Dnes
Previous by Thread:  Search Engines, usethe800number
Next by Thread:  Procmail features wishlist, John D. Hardin
Indexes:  [Date] [Thread] [Top] [All Lists]