Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 29 Jul 1998 18:50:11 +1200 (NZST)
From:      Andrew McNaughton <andrew@squiz.co.nz>
To:        Brett Glass <brett@lariat.org>
Cc:        security@FreeBSD.ORG
Subject:   Re: Any procmail experts here?
Message-ID:  <Pine.BSF.3.96.980729184840.24329B-100000@aniwa.sky>
In-Reply-To: <199807290301.VAA28924@lariat.lariat.org>
next in thread | previous in thread | raw e-mail | index | archive | help 


:0 hfw
* ^Content-disposition:
| /usr/local/bin/perl -pe 's/^(Content-Disposition:.{80}).*/$1/i'

It's a little rough, but should work, Improvement is a perl regex problem
rather than a procmail one.

Andrew McNaughton


On Tue, 28 Jul 1998, Brett Glass wrote:

> Date: Tue, 28 Jul 1998 21:01:06 -0600
> From: Brett Glass <brett@lariat.org>
> To: security@FreeBSD.ORG
> Subject: Re: Any procmail experts here?
> 
> Whoops.... As many of you have doubtless already noted, the header
> we need to catch is
> 
> Content-Disposition: attachment; filename="<verylogname>"
> 
> --Brett
> 
> At 07:59 PM 7/28/98 -0600, Brett Glass wrote:
>  
> >We have dozens of users who might get bit by the MIME filename buffer
> >overflow bug described at
> >
> >http://www.sjmercury.com/business/microsoft/docs/security0728.htm
> >
> >and would like to try to use procmail to plug the hole (it seems to be the
> >best tool for the job). However, I have no experience with procmail. Could
> >someone help me write a procmail.rc that will eliminate the extra-long
> >filenames, truncating them back to (say) 64 characters max? All that's
> >required is to recognize the Content-type: .... filename="<name>" header
> >and make sure that <name> is chopped if it's too long.
> >
> >This would be a fix for which thousands of sysadmins would be exceedinglyy
> >grateful.
> >
> >--Brett
> >
> >
> >To Unsubscribe: send mail to majordomo@FreeBSD.org
> >with "unsubscribe security" in the body of the message
> > 
> 
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe security" in the body of the message
> 


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.980729184840.24329B-100000>