Full Disclosure mailing list archives

Re: Email

From: D B <geggam692000 () yahoo com>
Date: Wed, 4 Feb 2004 06:06:48 -0800 (PST)


--- Ake Nordin <rootmoose () telia com> wrote:

The text for human consumption retained below was in
the mail from the outset, it has not been
"transformed"
to something "harmless" by any intermediate mail
relay.

It's just the beginning of a plain MIME BASE64
encoding,
your favorite mail client is all too well ready to
decode
it back into executable format and run it, should


**snip**

ok ... the click click social engineering vulnerable
operating system everone seems to target... isnt it
file extension based ? .... very explotable ...but
also quite simple to change the extension 

why isnt a "defanger" standard on all mail gateways ?

guess im just not exposed to stupid on a corporate
scale


__________________________________
Do you Yahoo!?
Yahoo! SiteBuilder - Free web site building tool. Try it!
http://webhosting.yahoo.com/ps/sb/

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

Email D B (Feb 04)
- Re: Email Ake Nordin (Feb 04)
  - Re: Email D B (Feb 04)
    - Re: Email Nick FitzGerald (Feb 04)
- Re: Email Valdis . Kletnieks (Feb 04)
- Re: Email Nick FitzGerald (Feb 04)
- <Possible follow-ups>
- RE: Email Jos Osborne (Feb 04)
  - Re: Email Damian Gerow (Feb 04)
    - Re: Email Valdis . Kletnieks (Feb 04)
    - Re: Email madsaxon (Feb 04)
    - Re: Email Vinay Tiwari/MUM/IN/STTL (Feb 04)
    - Re: Email gadgeteer (Feb 04)
- RE: Email Jos Osborne (Feb 04)

(Thread continues...)