[Mimedefang] curly brackets - security risk?
Josh Kelley
josh at jbc.edu
Mon Jun 21 11:31:18 EDT 2004
Chris Masters wrote:
>I know the default extension regex does not allow open
>curly brackets ('{'). I assume this is a security
>feature.
>
>What about filenames? I know they're legal in both
>unix and windoze, but do they pose a security risk?
>
>
Windows lets you put a classid (hexadecimal string identifying the file
type) in curly brackets and use that as a file extension. At least one
virus has used this technique to hide its extension.
See http://www.geocities.com/uzipaz/eng/safe.html, item 8, for more details.
Josh Kelley
More information about the MIMEDefang
mailing list