[Esd-l] Possibly Bugbear
John D. Hardin
jhardin at impsec.org
Tue Oct 1 21:11:01 PDT 2002
On Wed, 2 Oct 2002, Howard Lowndes wrote:
> The attachment has a double extension with the full name being
> >Content-Type: audio/x-midi;
> > name=amy & scott wedding menu kelly for erica.pub.scr
>
> However, the attachment shows up as
>
> Content-Type: application/octet-stream; name="amy"
> Content-Disposition: attachment; filename="amy"
> Content-Transfer-Encoding: base64
My testbed using 1.136pre4 properly quoted the filename and trapped
the .scr file attachment, as did 1.135 when I pointed the testbed at
that version.
Fixing unquoted filename "amy & scott wedding menu kelly for
erica.pub.scr".
Checking "amy & scott wedding menu kelly for erica.pub.scr" for
stripping.
Checking "amy & scott wedding menu kelly for erica.pub.scr" for
poisoning.
Trapped poisoned executable "amy & scott wedding menu kelly for
erica.pub.scr".
Mangling executable filename "amy & scott wedding menu kelly for
erica.pub.scr".
What version do you have installed?
--
John Hardin KA7OHZ ICQ#15735746 http://www.impsec.org/~jhardin/
jhardin at impsec.org pgpk -a jhardin at impsec.org
key: 0xB8732E79 - 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
...the Fates notice those who buy chainsaws...
-- www.darwinawards.com
-----------------------------------------------------------------------
78 days until The Two Towers
More information about the esd-l
mailing list