[Esa-l]Re: URGENT - sample mail with vbs which passes your
sanitizer
Murray Crane
mcrane at longbridge.com
Thu May 10 09:37:09 PDT 2001
On Thu, 10 May 2001 06:50:23 -0700 (PDT), John D. Hardin wrote:
>Ouch.
>
>Okay, folks, it looks like it is happening. This HOMEPG worm appears
>to be propagating as a TNEF attachment in some cases.
>
>The 1.0 sanitizer CANNOT sanitize this variant, as it does not peer
>into TNEF attachments.
John,
Correct me if I'm wrong here, but turning on SECURITY_STRIP_MSTNEF will also prevent this particular avenue of attack, will it not?
Murray Crane
Sysadmin
Longbridge International Plc
More information about the esd-l
mailing list