From: Brett Glass
To: Gregory Sutter, freebsd-security@FreeBSD.ORG
Date: Wed, 29 Jul 1998 18:07:33 -0600
Subject: Re: procmail workaround for MIME filename overflow exploit
Message-Id: <199807300007.SAA18937@lariat.lariat.org>
In-Reply-To: <19980729145556.C16073@notabene.zer0.org>
References: <199807291946.NAA14449@lariat.lariat.org>

At 02:55 PM 7/29/98 -0700, Gregory Sutter wrote:
>Brett,
>
>John's recipe has the same problem as Andrew McNaughton's proposed
>solution -- it invokes perl.

As far as I can see, it invokes Perl only if a potential exploit is
recognized.... Hopefully, a rare event.

John's original recipe DOES have the problem that it doesn't handle
varying amounts of whitespace between items, or tabs rather than spaces
as whitespace. I've mentioned this to John and I expect he'll update
his recipes (he has several relating to MIME).

--Brett
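The whitespace problem raised in the message above, as an added example that is not part of the original post and is not John's recipe (which does not appear on this page): a rigid header pattern misses an over-long MIME `name`/`filename` parameter when the header is folded or separated with tabs, while a whitespace-tolerant pattern catches it. It is written in Python rather than procmail or Perl; the 128-character limit, the function names and the sample headers are assumptions constructed for illustration.

```python
import re

# Assumed threshold: the page gives no length limit, so 128 is a placeholder.
MAX_NAME_LEN = 128

# Rigid pattern: exactly one space after ';' and nothing around '='.
RIGID = re.compile(r'; (?:file)?name="([^"]*)"', re.I)
# Tolerant pattern: any run of spaces or tabs between items, quoted or bare value.
TOLERANT = re.compile(
    r';[ \t]*(?:file)?name[ \t]*=[ \t]*(?:"([^"]*)"|([^;\s]+))', re.I)

def unfold(raw_headers):
    """Join folded header lines (continuation lines start with SP or TAB)."""
    return re.sub(r'\r?\n(?=[ \t])', '', raw_headers)

def long_names(raw_headers, pattern, limit=MAX_NAME_LEN):
    """Return name/filename values longer than `limit` that `pattern` finds."""
    hits = []
    for line in unfold(raw_headers).splitlines():
        # Only MIME headers that can carry a name or filename parameter.
        if not re.match(r'content-(?:type|disposition)[ \t]*:', line, re.I):
            continue
        for m in pattern.finditer(line):
            value = next(g for g in m.groups() if g is not None)
            if len(value) > limit:
                hits.append(value)
    return hits

# Constructed sample headers (not taken from real mail).
LONG = "A" * 300
SAMPLE_SPACE = f'Content-Type: application/octet-stream; name="{LONG}"\n'
SAMPLE_TAB = f'Content-Disposition: attachment;\n\tfilename =\t"{LONG}"\n'
SAMPLE_OK = 'Content-Type: text/plain; name="notes.txt"\n'

if __name__ == "__main__":
    for label, sample in [("space", SAMPLE_SPACE), ("tab/folded", SAMPLE_TAB),
                          ("benign", SAMPLE_OK)]:
        print(label,
              "rigid:", len(long_names(sample, RIGID)),
              "tolerant:", len(long_names(sample, TOLERANT)))
```

A cheap check like this is what lets a filter hand only suspicious messages to a heavier processing step, which is the point made in the reply about Perl being invoked only when a potential exploit is recognized.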