Notes crashed

[BlueBoar () THIEVCO COM (Blue Boar)]

> To: VULN-DEV () SECURITYFOCUS COM
> Message-ID: <852568CD.0053207D.00 () csc com>
> Date: Wed, 26 Apr 2000 17:07:39 +0200
> Subject: Notes crashed
>
> Hi,
>
> the file attached by Zoa Chien killed Lotus notes and i had to reboot (WINNT4)
> because Lotus gets into an irrecoverable state when this happens.
>
> Is the list unmoderated?

The list is, in fact, moderated (by me.)  Messages like this will from
time to time be posted, and allowed.  It's hard to know where to draw the
line.. I'll do my best to not forward worms or viruses in a non-inert
form.  I really didn't think the note in question would be so
"successful".  (Note, for those who haven't been following the thread..
this does NOT mean that I let a worm or virus through.. I let through
a note with an attachment with a really long file name.)  It set
off several "virus scanners" (It's NOT a virus, but there's probably little
harm in AV software looking for too-long names)  and crashed a few
MTAs and MUAs.  It's an annoyance.

I'll try and avoid forwarding such notes in the future, not because it's
inappropriate, but because it's a little rude.  Not everyone appreciates
a good crash like I do.  But be warned: I WILL screw up at some point in
the future, and send something mischievous through in the future, I can
almost guarantee it.  So, the burden is on the subscribers to take
proper precautions.  Elias made a similar set of recommendations for
Bugtraq not long ago.  The same applies here.

> --0__=0RKLnED0ee0PBlskKBFSp1CZ74gSdwCBisker6pYkElUD9pxlvkQg9dO
> Content-type: application/octet-stream;
>         name="1_.Buffer_Overflow
<snip>

Ok... then the guy complaining forwards the same file back to the list.
I don't feel so bad anymore. :)

                                        BB