Date:      Thu, 20 Nov 2003 09:25:05 -0800
From:      Bill Campbell <freebsd@celestial.com>
To:        freebsd-questions@freebsd.org
Subject:   Re: SCO going after BSD???
Message-ID:  <20031120172505.GA94190@alexis.mi.celestial.com>
In-Reply-To: <3FBCBDF9.A9F9EB66@mindspring.com>
References:  <20031120005218.GA76590@xor.obsecurity.org> <20031120013831.GT98272@klapaucius.zer0.org> <3FBCBDF9.A9F9EB66@mindspring.com>

On Thu, Nov 20, 2003, Terry Lambert wrote:
>Gregory Sutter wrote:
>>   Content-Type: text/plain; charset=iso-8859-1
>>   Content-Disposition: inline
>> 
>> These headers show that the part is not an attachment but should be
>> displayed inline, and that it contains pure text that doesn't need a
>> special handler to be displayed.  Why Outlook Express fails to
>> recognize this, and why Microsoft fails to issue a patch to fix the
>> problem, is unknown.
>
>Most mail worm implementations use an inline disposition to force
>the activation of an exploitable helper program to interpret content
>when the message is opened.
>
>Yes, they should recognize that text/plain is not an exploitable
>type unless there is a registered external "helper" for that type
>that overrides internal rendering as plain text (e.g. "Word"),
>even though text/html is, but at least they are attempting to prevent
>exploits these days.

I'm not sure that text/plain isn't exploitable in Outlook.  I
seem to remember something about Outlook interpreting a line
starting with ``BEGIN  '' (two spaces after BEGIN) as the start
of a program to be executed.  I don't use any of the Microsoft
virii so, and if I did, I would never use the worm vector,
Outlook, so can't confirm this.

Bill
--
INTERNET:   bill@Celestial.COM  Bill Campbell; Celestial Software LLC
UUCP:               camco!bill  PO Box 820; 6641 E. Mercer Way
FAX:            (206) 232-9186  Mercer Island, WA 98040-0820; (206) 236-1676
URL: http://www.celestial.com/

When only cops have guns, it's called a ``police state''.
        -- Claire Wolfe, "101 Things To Do Until The Revolution"
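
The header check discussed in this thread, as an added example that is not part of the original message: a mail-filter style triage that reads each MIME part's Content-Type and Content-Disposition and separates inline text/plain from inline parts that need some other handler. The sample message, the function name and the case-insensitive match on the ``BEGIN  '' line (which the reply itself could not confirm) are assumptions made for illustration.

```python
from email import message_from_string

# Constructed sample message (not from the thread): one inline text/plain
# part like the one quoted above, and one inline text/html part.
SAMPLE = """\
From: a@example.org
To: b@example.org
Subject: constructed sample
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="XX"

--XX
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline

Hello.
BEGIN  looks like a marker
--XX
Content-Type: text/html; charset=iso-8859-1
Content-Disposition: inline

<html><body>hi</body></html>
--XX--
"""

def triage_parts(raw):
    """Return one dict per leaf MIME part with the headers the thread discusses."""
    results = []
    for part in message_from_string(raw).walk():
        if part.is_multipart():
            continue
        ctype = part.get_content_type()         # e.g. "text/plain"
        disp = part.get_content_disposition()   # "inline", "attachment" or None
        body = part.get_payload(decode=True) or b""
        text = body.decode(part.get_content_charset() or "ascii", "replace")
        results.append({
            "type": ctype,
            "disposition": disp,
            # Inline text/plain can be rendered internally, no helper needed.
            "plain_inline": ctype == "text/plain" and disp == "inline",
            # An inline part of any other type goes to a renderer or helper.
            "inline_needs_handler": disp == "inline" and ctype != "text/plain",
            # Assumption: case-insensitive match on the "BEGIN  " line.
            "begin_lines": [line for line in text.splitlines()
                            if line.lower().startswith("begin  ")],
        })
    return results
```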
