[Esd-l] Gap in Sanitizer Protection?
Stephen Sloan
ssloan at mincocorp.com
Wed Nov 20 11:20:01 PST 2002
My apologies, I had inadvertently turned the Sanitizer off. With it on the
same file was defanged as expected.
----- Original Message -----
From: "John D. Hardin" <jhardin at impsec.org>
To: "Stephen Sloan" <ssloan at mincocorp.com>
Cc: <Esd-l at spconnect.com>
Sent: Wednesday, November 20, 2002 1:39 PM
Subject: Re: [Esd-l] Gap in Sanitizer Protection?
> On Wed, 20 Nov 2002, Stephen Sloan wrote:
>
> > The Sanitizer let through a Word document without defanging the
> > file name. The file name had two spaces in it, ie.
> >
> > xx xxx xxxx.doc
> >
> > Do the spaces account for why the filename was not defanged?
>
> No, embedded spaces should not cause a problem. What version of the
> sanitizer are you using?
>
> Do you have a copy of the original message so that I can see the
> headers? If so, zip it up and send it to me. If you want to generate a
> "safe" sample document that exhibits the problem, that's fine. I don't
> care about the document itself, just the message headers.
>
> --
> John Hardin KA7OHZ ICQ#15735746 http://www.impsec.org/~jhardin/
> jhardin at impsec.org pgpk -a jhardin at impsec.org
> key: 0xB8732E79 - 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
> -----------------------------------------------------------------------
> ...the Fates notice those who buy chainsaws...
> -- www.darwinawards.com
> -----------------------------------------------------------------------
> 28 days until The Two Towers
More information about the esd-l
mailing list