Firewall Wizards mailing list archives

RE: SSL

From: "Paul D. Robertson" <proberts () patriot net>
Date: Fri, 19 Oct 2001 14:26:34 -0400 (EDT)

On Fri, 19 Oct 2001, Bruce Platt wrote:


The window.open delivers the infected mail message which if one's Outlook is
vulnerable ...


But if you're using HTTP/HTTPS, the window.open causes a GET request for
readme.eml from the server.  That's the crux of the problem that Gary
seems worried about.  The Outlook issue is a client->client infection-
and I don't think Gary is worried about encrypted e-mail at this
point, the IE issue is server->client.  If IE is vulnerable, you can still
stop the window.open's download of the infected EML file since the
sequence is (server:infected html/asp)->(client:infected eml) the
window.open causes a GET from IE which is blockable in both the HTTP and
HTTPS cases if your proxy allows URI filtering.


Paul
-----------------------------------------------------------------------------
Paul D. Robertson      "My statements in this message are personal opinions
proberts () patriot net      which may have no basis whatsoever in fact."

_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://list.nfr.com/mailman/listinfo/firewall-wizards

Current thread:

RE: SSL, (continued)
- - - RE: SSL Paul D. Robertson (Oct 20)
- RE: SSL Scott, Richard (Oct 18)
  - RE: SSL Illes Marci (Oct 20)
- RE: SSL Ames, Neil (Oct 18)
  - RE: SSL Paul D. Robertson (Oct 20)
- RE: SSL Chad Schieken (Oct 20)
- RE: SSL Dawes, Rogan (ZA - Johannesburg) (Oct 20)
- RE: SSL Bruce Platt (Oct 20)
  - RE: SSL Paul D. Robertson (Oct 20)
- RE: SSL Bruce Platt (Oct 20)
  - RE: SSL Paul D. Robertson (Oct 20)