Bugtraq mailing list archives
RE: NAI Webshield SMTP for WinNT MIME header vuln that allowsBadTrans to pass
From: "Jari Helenius" <jari.helenius () mawaron com>
Date: Sat, 1 Dec 2001 18:37:31 +0200
After this message was published in Bugtraq, one person from NAI Europe contacted me. They asked sample of virus (which I had sent them already twice to Viruslab, person who asked this was not from NAI viruslab). I sent sample and NAI has released EXTRA.DAT that finds BadTrans.B. I have not been able to verify, that it would stop any other virus that arrives with Broken MIME header. NAI has told that they are still checking this subject, so now we have to wait and see what will happen. NAI worked quite fast, after they desided to take an action. It is sad that this vulnerability had to been published in Bugtraq to achieve this goal. Hopefully, in future, NAI will fix bugs more straitforward way. :-) If someone else is having same problem, contact NAI and ask for EXTRA.DAT. Jari Helenius / Mawaron Oy Email: jari.helenius () mawaron com
Current thread:
- Re: NAI Webshield SMTP for WinNT MIME header vuln that allows BadTrans to pass] Paul L Schmehl (Dec 02)
- RE: NAI Webshield SMTP for WinNT MIME header vuln that allowsBadTrans to pass Jari Helenius (Dec 01)