Date: Tue, 27 Nov 2001 19:07:02 +0000 From: Adam Laurie <adam@algroup.co.uk> To: security@FreeBSD.ORG Cc: "Michael M. Butler" <butler@comp-lib.org> Subject: Re: some shit to see Message-ID: <3C03E456.6BD7FB3E@algroup.co.uk> References: <200111230926.fAN9Qw630403@peony.ezo.net> <3BFF9D53.CBB692E2@comp-lib.org>
next in thread | previous in thread | raw e-mail | index | archive | help
"Michael M. Butler" wrote: > > Nuke this turkey, won't you? Thanks! :) > > jflowers@ezo.net wrote: > > > > peace > > > > Name: whatever.exe > > whatever.exe Type: WAV Audio (audio/x-wav) > > Encoding: base64 unfortunately it seems a little more intelligent than a turkey as it can bypass some security scanners such qmail-scanner (http://qmail-scanner.sourceforge.net/) - i guess there's a bug relating to the mime type, since we have this rule: .exe 0 Executable attachment (not allowed) which should block all .exe attachments, but this one gets through... i will forward this to the qmail list as well instead of cross-posting, but thought you might like to be aware in case your scanner is also at risk... cheers, Adam -- Adam Laurie Tel: +44 (20) 8742 0755 A.L. Digital Ltd. Fax: +44 (20) 8742 5995 The Stores http://www.thebunker.net 2 Bath Road http://www.aldigital.co.uk London W4 1LT mailto:adam@algroup.co.uk UNITED KINGDOM PGP key on keyservers To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3C03E456.6BD7FB3E>