[Esa-l] HTMLDropper - more details
John D. Hardin
jhardin at wolfenet.com
Sun Jan 21 14:06:30 PST 2001
I've been talking with the people at malware who posted the initial
advisory about this. It seems that no MIME content is needed at all,
not even badly formatted MIME, just a very long subject line.

I don't have ready access to an Outlook client, so a proper fix for
this will have to wait, but it looks like the suggestion to include
the Subject: header in attachment filename checking is going to be the
most correct response.

A simpler response might be to limit the length of the Subject line to
a sane length, but then we get into the difficult area of defining
"what is sane"?
--
John Hardin KA7OHZ ICQ#15735746 http://www.wolfenet.com/~jhardin/
jhardin at wolfenet.com pgpk -a finger://gonzo.wolfenet.com/jhardin
768: 0x41EA94F5 - A3 0C 5B C2 EF 0D 2C E5 E9 BF C8 33 A7 A9 CE 76
1024: 0xB8732E79 - 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
The question of whether people should be allowed to harm themselves
is simple. They *must*.
-- Charles Murray
-----------------------------------------------------------------------
13 days until she returns
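
The two responses discussed in the message above (running the Subject: header through the same filename check used for attachments, and capping its length), sketched as an added example that is not part of the original post or of the sanitizer's own code. The extension list, the 250-character cap and the sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.header import decode_header, make_header

# Assumed policy values (not from the post): an illustrative extension
# list and an arbitrary answer to "what is sane" for Subject length.
RISKY_EXT = re.compile(r"\.(?:exe|bat|cmd|pif|scr|vbs|vbe|js|jse|hta|lnk|shs)\b", re.I)
MAX_SUBJECT_LEN = 250


def check_subject(raw_message):
    """Return findings for every Subject: header in one raw message."""
    msg = message_from_string(raw_message)
    findings = []
    for raw in msg.get_all("Subject", []):
        # Unfold continuation lines and decode RFC 2047 encoded-words so
        # the check sees the text a mail client would actually display.
        unfolded = re.sub(r"\r?\n[ \t]+", " ", raw)
        try:
            text = str(make_header(decode_header(unfolded)))
        except Exception:
            text = unfolded  # undecodable header: check the raw text
        if len(text) > MAX_SUBJECT_LEN:
            findings.append("subject-too-long")
        if RISKY_EXT.search(text):
            findings.append("subject-has-risky-extension")
    return findings


# Constructed sample messages (no MIME parts at all, as in the report).
SAMPLES = {
    "benign": "From: a@example.org\nSubject: Meeting notes\n\nbody\n",
    "long": "Subject: " + "A" * 300 + "\n\nbody\n",
    "folded": "Subject: quarterly report\n  invoice.vbs\n\nbody\n",
    "encoded": "Subject: =?utf-8?b?dXBkYXRlLmV4ZQ==?=\n\nbody\n",
}

if __name__ == "__main__":
    for name, raw in SAMPLES.items():
        print(name, check_subject(raw))
```

Checking after unfolding and decoding matters: a filter that inspects only the first physical header line, or only the raw encoded form, would miss the "folded" and "encoded" samples.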