[Mimedefang] Possible new filename exploit?

David F. Skoll dfs at roaringpenguin.com
Tue Oct 8 08:08:01 EDT 2002


On Tue, 8 Oct 2002, Steffen Kaiser wrote:

> How about this:
> All _unquoted_ semicolons are replaced by ";\n\t", e.g.
> s/\;\s*(\S)/\;\n\t\1/g;

I'm not 100% certain, but I believe if you call action_rebuild() to force
MIME::Tools to regenerate the message, it will throw away attributes without
an equal sign, and it may add a space after unquoted semicolons.  Worth
a test, anyway.

--
David.




More information about the MIMEDefang mailing list