[Esa-l] Double clicking on innocent looking files may be dangerous (fwd)

John D. Hardin jhardin at wolfenet.com
Thu Apr 19 21:23:25 PDT 2001


On Thu, 19 Apr 2001, John D. Hardin wrote:

> If the file extension is certain CLSID e.g.:
> testhta.txt.{3050F4D8-98B5-11CF-BB82-00AA00BDCE0B}

WARNING: DO NOT simply add "{[-0-9a-f]+}" to your MANGLE_EXTENSIONS.
If you do, and one of these attachments comes through, the sanitizer
will go into an infinite loop trying to defang it.

1.130 will handle these extensions properly.

--
 John Hardin KA7OHZ   ICQ#15735746   http://www.wolfenet.com/~jhardin/
 jhardin at wolfenet.com      pgpk -a finger://gonzo.wolfenet.com/jhardin
  768: 0x41EA94F5 - A3 0C 5B C2 EF 0D 2C E5  E9 BF C8 33 A7 A9 CE 76 
 1024: 0xB8732E79 - 2D8C 34F4 6411 F507 136C  AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
  An entitlement beneficiary is a person or special interest group
  who didn't earn your money, but demands the right to take your
  money because they *want* it.
                                  -- John McKay, _The Welfare State:
                                     No Mercy for the Middle Class_
-----------------------------------------------------------------------
   1293 days until the Presidential Election



More information about the esd-l mailing list