Bugtraq mailing list archives
Re[2]: base64
From: 3APA3A <3APA3A () SECURITY NNOV RU>
Date: Fri, 26 Sep 2003 22:02:56 +0400
Dear Earl Hood, Signature is applied to decoded message. If encoding is broken there is no need to try to keep signature. Reassembling message is really best solution. But there are another ways to bypass message reassembling. Some of them can be found in http://www.security.nnov.ru/advisories/content.asp --Friday, September 26, 2003, 3:46:36 AM, you wrote to bugtraq () securityfocus com:
limits. Recode base64. Recode uuencoded chunks. Regularize non-standard MIME.
EH> You cannot do this for signed messages, therefore, you still EH> need to either decode in all possible ways or drop the message EH> (or the offending entity). EH> --ewh -- ~/ZARAZA Ибо факты есть факты, и изложены они лишь для того, чтобы их поняли и в них поверили. (Твен)
Current thread:
- RE: base64, (continued)
- RE: base64 latte (Sep 23)
- Re: base64 Ilya Teterin (Sep 23)
- Re: base64 MightyE (Sep 24)
- Re: base64 Buck Huppmann (Sep 24)
- Re: base64 Andrew Church (Sep 25)
- Message not available
- Re: base64 MightyE (Sep 25)
- Re: base64 Bennett Todd (Sep 25)
- Re: base64 MightyE (Sep 25)
- Re: base64 Earl Hood (Sep 26)
- Re: base64 Bennett Todd (Sep 26)
- Re[2]: base64 3APA3A (Sep 26)
- RE: base64 Alun Jones (Sep 26)
- Re: base64 Bennett Todd (Sep 26)
- Re: base64 Buck Huppmann (Sep 24)
- Re: base64 Bennett Todd (Sep 26)
- Re: base64 Greg A. Woods (Sep 27)