Bugtraq mailing list archives
Re: NAI WebShield SMTP does not scan base64 encoding
From: aleph1 () SECURITYFOCUS COM (Elias Levy)
Date: Thu, 22 Jun 2000 14:07:41 -0700
This is a summary of replies to this thread. The are several tools to decode TNEF encoding: - TNEF by Mark Simpson (this code is under the GLP) http://world.std.com/~damned/software.html http://freshmeat.net/appindex/1999/10/13/939847359.html - Fentum (for Windows 95, Linux and source; watch those N's). http://www.fentun.com - LS-TENF: a Java based TNEF decoder http://www.mirrorworlds.com/tnef/lstnef.zip - The Convert::TNEF perl module by Doug Wilson; see CPAN - Another TNEF decoder from Thomas Boll <tb () boll ch> is available at http://slappy.org/listarchives/xfmail/1999-October/000273.html Information on TNEF: - TNEF Specification (MS claims its been documented in MSDN for several years) http://msdn.microsoft.com/library/default.asp?URL=/library/psdk/mapi/apptnef_1cv3.htm - Decoding Internet Attachments (includes information on TNEF) http://pages.prodigy.net/michael_santovec/decode.htm Also, a number of SMTP-based mail scanning products scan TNEF in shipping versions. It seems the problem has been fixed in the latest version of the product. Version 4.5 with DAT version 4.0.4082 appears to work correctly. Thanks to: Lars Hecking <lhecking () nmrc ucc ie> MCKILLICAN, DONALD <donald.mckillican () bell ca> DANIEL RAMIREZ VALDEZ <dramirez () cemtec com> -DAL- <dylan () 1stup com> David Lemson <dlemson () Exchange Microsoft com> Eric Sherrill <sherrill () ti com> Jim Knoble <jmknoble () pint-stowp cx> Rainer Link <link () foo fh-furtwangen de> H D Moore <secureaustin () CONSULTANT COM> Chris Freels <CFreels () CDDB com> Chad Kitching <CKitching () powerland mb ca> -- Elias Levy SecurityFocus.com http://www.securityfocus.com/ Si vis pacem, para bellum
Current thread:
- Re: [RHSA-2000:039-02] remote root exploit (SITE EXEC) fixed (fwd), (continued)
- Re: [RHSA-2000:039-02] remote root exploit (SITE EXEC) fixed (fwd) Andrea Costantino (Jun 29)
- Re: [RHSA-2000:039-02] remote root exploit (SITE EXEC) fixed (fwd) Kenn Humborg (Jun 29)
- Re: [RHSA-2000:039-02] remote root exploit (SITE EXEC) fixed (fwd) Philip Rowlands (Jun 29)
- Re: [RHSA-2000:039-02] remote root exploit (SITE EXEC) fixed (fwd) Helmethead (Jun 29)
- Re: [RHSA-2000:039-02] remote root exploit (SITE EXEC) fixed (fwd) Hugo.van.der.Kooij () CAIW NL (Jun 29)
- CONECTIVA LINUX SECURITY ANNOUNCEMENT - WU-FTPD Security (Jun 23)
- Security Update: wu-ftpd vulnerability Technical Support (Jun 23)
- Re: NAI WebShield SMTP does not scan base64 encoding Andre Albsmeier (Jun 21)
- Bruce 1.0 EA3: Networked Host-Vulnerability Scanner for Solaris & Linux Keith A. Watson (Jun 21)
- NetBSD Security Advisory 2000-007 security-officer () NETBSD ORG (Jun 21)
- Re: NAI WebShield SMTP does not scan base64 encoding Elias Levy (Jun 22)
- Security Bulletins Digest patrick () PINE NL (Jun 22)
- Re: NAI WebShield SMTP does not scan base64 encoding chris.paget () ANALYSYS COM (Jun 22)
- Free mail scanning tool (was Re: NAI WebShield SMTP does not scan base64 encoding) David F. Skoll (Jun 22)
- NetWin dMailWeb Denial of Service Chris Wolfe (Jun 21)
- [RHSA-2000:037-01] New Linux kernel fixes security bug bugzilla () REDHAT COM (Jun 21)