[Esd-l] Triple extensions
John D. Hardin
jhardin at impsec.org
Tue Feb 4 13:44:21 PST 2003
On Mon, 3 Feb 2003, Michael Ghens wrote:
> The register has an article about triple exentions.
>
> http://www.theregister.co.uk/content/56/29137.html
>
> What it states is that by creating a attatchment like:
> vacation.jpg.exe.jpg, a trojan can be put in. The user sees the first
> extension, the third is used for the icon, and the middle is for
> launching.
>
> Does the sanitizer catch it?
The attachment filename must be "carefully crafted" (your example
above won't work). I *think* it will be sanitized, but it won't be
caught (poisoned).
There's been some posts on this recently, check the archives.
--
John Hardin KA7OHZ ICQ#15735746 http://www.impsec.org/~jhardin/
jhardin at impsec.org pgpk -a jhardin at impsec.org
key: 0xB8732E79 - 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
The fetters imposed on liberty at home have ever been forged out
of the weapons provided for defense against real, pretended, or
imaginary dangers from abroad.
-- James Madison, 1799
-----------------------------------------------------------------------
637 days until the Presidential Election
More information about the esd-l
mailing list