lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Fri, 16 Apr 2004 09:51:29 +0930
From: Samps <samps@...jocks.com>
To: bugtraq@...urityfocus.com
Subject: Re: ZA Security Hole


Damjan Kreft wrote:

> Hello!
> 
> I think, I discover some kind of security hole in ZoneAlaram - any version.
> The problem is hidding in E-mail Protection. Because I'm form Slovenia (not
> Slovakia), our alphabet does have some letters with roof (c - č, s - š, z -
> ž). And when the name of e-mail attachment contain any of these three
> letters, it don't go to the qurarantine (if the attachment do have right
> extension of course). 
> 
> Greets, Damjan


I played around a bit to find out whether my own computer (with 
ZoneAlarm Pro) was vulnerable and, accidentally, found a similar 
behaviour from my ISPs mailserver, apparently being Exim 4.24.

When attaching any 'normally' named .EXE, my email is returned to me by 
Exim, with a note saying: "This kind of attachment is not good for 
you.....".
If I rename the same .EXE to, say, (c).exe, it gets delivered and 
ZoneAlarm lets it in without quarantining it.

Two bugs for the price of one!


cheers
Samps


Powered by blists - more mailing lists