[Mimedefang] Virus Evading Detection
David F. Skoll
dfs at roaringpenguin.com
Wed Apr 24 16:11:53 EDT 2002
On Wed, 24 Apr 2002, Michael Grau wrote:
> Similarly, this virus also evades detection as an attached .exe
> (using newly patched MIME::Tools 5.411a):
>
> >Content-Type: text/html;
> >
> >Content-Type: audio/x-midi;
> > name=thread11.exe
As well it should! The blank line after the first content-type header marks
the end of the MIME headers; the second header is just text.
If your MUA interprets this as thread11.exe, then your MUA has serious
problems.
--
David.
More information about the MIMEDefang
mailing list