Date: Tue, 28 Jul 1998 19:59:32 -0600 From: Brett Glass <brett@lariat.org> To: security@FreeBSD.ORG Subject: Any procmail experts here? Message-ID: <199807290159.TAA26543@lariat.lariat.org>
next in thread | raw e-mail | index | archive | help
We have dozens of users who might get bit by the MIME filename buffer overflow bug described at http://www.sjmercury.com/business/microsoft/docs/security0728.htm and would like to try to use procmail to plug the hole (it seems to be the best tool for the job). However, I have no experience with procmail. Could someone help me write a procmail.rc that will eliminate the extra-long filenames, truncating them back to (say) 64 characters max? All that's required is to recognize the Content-type: .... filename="<name>" header and make sure that <name> is chopped if it's too long. This would be a fix for which thousands of sysadmins would be exceedinglyy grateful. --Brett To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199807290159.TAA26543>