Re: is this new ...

From: Brad Arlt (arlt_at_cpsc.ucalgary.ca)
Date: 05/26/03

    Date: Mon, 26 May 2003 10:43:52 -0600
    To: terry white <twhite@aniota.com>
    
    

    On Sat, May 24, 2003 at 07:22:18AM -0700, terry white wrote:
    >
    > ... anyone know what this is:
    >
    > "May 24 05:42:31 yossarian sendmail[3835]: h4OCg7Da003834: Fixed MIME
    > Content-Disposition header field (possible attack)"

    One of the last two Sendmail remote root fixes included an additional
    fix that can be compiled out if you request to do so. The fix corrects
    the above to render the possible attack less damaging.

    The note in sendmail's Release notes is:

        To provide partial protection to internal, unpatched sendmail MTAs,
        8.12.9 changes by default (char)0xff to (char)0x7f in
        headers etc. To turn off this conversion compile with
        -DALLOW_255 or use the command line option -d82.101.
    -----------------------------------------------------------------------
       __o Bradley Arlt Security Team Lead
     _ \<_ arlt@cpsc.ucalgary.ca University Of Calgary
    (_)/(_) I should be biking right now. Computer Science
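
Added example, not part of the original message or of sendmail: a Python sketch for triaging the "Fixed MIME ... header field (possible attack)" log lines discussed above by joining each one, via its queue ID, to the `from=` line of the same message so the sending relay is visible. The function name `triage`, the sample hosts and addresses, and the exact layout of the `from=`/`relay=` line are assumptions; only the second sample line comes from the thread (unwrapped onto one line).

```python
import re

# Constructed sample syslog input. Line 2 is the line quoted in the thread;
# lines 1 and 3 are made up for illustration (documentation-range addresses).
SAMPLE_LOG = """\
May 24 05:42:30 yossarian sendmail[3835]: h4OCg7Da003834: from=<sender@example.net>, size=2048, class=0, nrcpts=1, msgid=<1@example.net>, proto=ESMTP, daemon=MTA, relay=mail.example.net [192.0.2.10]
May 24 05:42:31 yossarian sendmail[3835]: h4OCg7Da003834: Fixed MIME Content-Disposition header field (possible attack)
May 24 05:50:02 yossarian sendmail[3901]: h4OCo1Da003900: from=<other@example.org>, size=512, class=0, nrcpts=1, msgid=<2@example.org>, proto=ESMTP, daemon=MTA, relay=mx.example.org [198.51.100.7]
"""

# timestamp, host, pid, queue id, free-form message
LINE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ [\d:]{8}) (?P<host>\S+) sendmail\[(?P<pid>\d+)\]: "
    r"(?P<qid>\w+): (?P<msg>.*)$")
FIXED = re.compile(r"^Fixed MIME (?P<field>\S+) header field \(possible attack\)")
SENDER = re.compile(r"^from=(?P<sender>[^,]+)")
RELAY = re.compile(r"\brelay=(?P<relay>[^,]+)")


def triage(log_text):
    """Return one record per 'possible attack' line, joined to its from= line."""
    envelopes = {}  # queue id -> (envelope sender, relay)
    hits = []
    for raw in log_text.splitlines():
        m = LINE.match(raw)
        if not m:
            continue  # not a sendmail queue-id line
        msg = m["msg"]
        sender = SENDER.match(msg)
        if sender:
            relay = RELAY.search(msg)
            envelopes[m["qid"]] = (sender["sender"],
                                   relay["relay"] if relay else None)
        fixed = FIXED.match(msg)
        if fixed:
            hits.append({"ts": m["ts"], "host": m["host"], "pid": int(m["pid"]),
                         "qid": m["qid"], "field": fixed["field"]})
    # Join after the scan so the order of the two lines does not matter.
    for hit in hits:
        hit["sender"], hit["relay"] = envelopes.get(hit["qid"], (None, None))
    return hits


if __name__ == "__main__":
    for record in triage(SAMPLE_LOG):
        print(record)
```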
