[Esa-l] Microsoft Security Bulletin MS01-020

John D. Hardin jhardin at wolfenet.com
Tue Apr 3 07:16:50 PDT 2001

On Sun, 1 Apr 2001, Brett Glass wrote:

> At 01:18 PM 3/31/2001, John D. Hardin wrote:
> >I do not at this time recommend poisoning *.EML attachments.
> Why not? What are they used for that would make it desirable
> to allow them? Does name mangling help?

They are just RFC822 attachments.

You can, of course, poison them if you like. Unfortunately they may be
base64 encoded, which renders them opaque to 1.x

 John Hardin KA7OHZ   ICQ#15735746   http://www.wolfenet.com/~jhardin/
 jhardin at wolfenet.com      pgpk -a finger://gonzo.wolfenet.com/jhardin
  768: 0x41EA94F5 - A3 0C 5B C2 EF 0D 2C E5  E9 BF C8 33 A7 A9 CE 76 
 1024: 0xB8732E79 - 2D8C 34F4 6411 F507 136C  AF76 D822 E6E6 B873 2E79
  An entitlement beneficiary is a person or special interest group
  who didn't earn your money, but demands the right to take your
  money because they *want* it.
                                  -- John McKay, _The Welfare State:
                                     No Mercy for the Middle Class_
   1309 days until the Presidential Election

More information about the esd-l mailing list