Date: Wed, 29 Jul 1998 13:46:14 -0600
From: Brett Glass
To: freebsd-security@FreeBSD.ORG
Subject: procmail workaround for MIME filename overflow exploit
Message-Id: <199807291946.NAA14449@lariat.lariat.org>

John Hardin has just updated his procmail "kit" to shorten long file names on MIME attachments. This should prevent potential exploits in mail clients such as Outlook, Outlook Express, Netscape Mail, and possibly Eudora (there's still some debate about whether Eudora is susceptible).

John's procmail filter kit can be found at

http://www.wolfenet.com/~jhardin/procmail-kit.html

You can view his "recipe" for solving the problem at the end of the file

http://www.wolfenet.com/~jhardin/html-trap.procmail

I have no idea whether his solution is bulletproof (we should all probably review it to be sure!), but it certainly looks good.

Admins: it'd be a fantastic idea to install this NOW to protect users, unless anyone knows of security holes in procmail.

--Brett Glass
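The mitigation described in the message above, capping the length of MIME attachment file names before the mail reaches the client, sketched in Python as an added example. It is not John Hardin's procmail recipe and is not taken from the post; the 64-character cap, the function names and the sample message are assumptions made for illustration.

```python
import email
from email.utils import collapse_rfc2231_value

MAX_NAME = 64  # assumed cap; the post does not say what limit the kit applies

# (header, parameter) pairs in which mail clients look for an attachment name
NAME_PARAMS = (("Content-Disposition", "filename"), ("Content-Type", "name"))


def shorten(name, limit=MAX_NAME):
    """Truncate an over-long name, keeping a short extension when there is one."""
    if len(name) <= limit:
        return name
    stem, dot, ext = name.rpartition(".")
    if not dot or not stem or len(ext) > 8:
        return name[:limit]
    return stem[: limit - len(ext) - 1] + "." + ext


def sanitize(raw, limit=MAX_NAME):
    """Rewrite over-long attachment names in every MIME part of a message.

    Returns (rewritten_bytes, changes); each change is
    (header, original_length, new_name), suitable for logging.
    """
    msg = email.message_from_bytes(raw)
    changes = []
    for part in msg.walk():
        for header, param in NAME_PARAMS:
            value = part.get_param(param, header=header)
            if value is None:
                continue
            # RFC 2231 encoded parameters come back as a 3-tuple; flatten them
            name = collapse_rfc2231_value(value)
            short = shorten(name, limit)
            if short != name:
                part.set_param(param, short, header=header)
                changes.append((header, len(name), short))
    return msg.as_bytes(), changes


# Constructed sample: one attachment whose name is 304 characters long
LONG = b"A" * 300 + b".txt"
SAMPLE = (
    b"From: a@example.org\r\nTo: b@example.org\r\nMIME-Version: 1.0\r\n"
    b'Content-Type: multipart/mixed; boundary="b1"\r\n\r\n'
    b"--b1\r\nContent-Type: text/plain\r\n\r\nhello\r\n"
    b'--b1\r\nContent-Type: application/octet-stream; name="' + LONG + b'"\r\n'
    b'Content-Disposition: attachment; filename="' + LONG + b'"\r\n\r\n'
    b"data\r\n--b1--\r\n"
)
```

Both the `filename` and the `name` parameter are rewritten because a client may read either one; the returned change list gives an administrator a record of which messages carried over-long names.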