[EXIM] Filter for long mime headers exploit.

Página Principal
Apagar esta mensagem
Responder a esta mensagem
Autor: Joe Metzger
Data:  
Para: exim-users
Assunto: [EXIM] Filter for long mime headers exploit.
There has been a lot of discussion on BUGTRAQ lately about how many mail clients
(Netscape, Microsoft and Eudora) can not handle long mime headers. They cause
buffer overflows in the client which could be used to run arbitrary code on
the mail recipents machine.

There is a procmail filter that logs and truncates long headers (and also
removes
active HTML components) available at:
http://www.wolfenet.com/~jhardin/html-trap.procmail

Has anybody created an exim filter file that addresses this issue?


--
Joe Metzger
metzger@???
Network Information Services Group
ESnet, Lawrence Berkeley National Laboratory

--
*** Exim information can be found at http://www.exim.org/ ***