| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <407F2709.6050006@redjocks.com> Date: Fri, 16 Apr 2004 09:51:29 +0930 From: Samps <samps@...jocks.com> To: bugtraq@...urityfocus.com Subject: Re: ZA Security Hole Damjan Kreft wrote: > Hello! > > I think, I discover some kind of security hole in ZoneAlaram - any version. > The problem is hidding in E-mail Protection. Because I'm form Slovenia (not > Slovakia), our alphabet does have some letters with roof (c - č, s - š, z - > ž). And when the name of e-mail attachment contain any of these three > letters, it don't go to the qurarantine (if the attachment do have right > extension of course). > > Greets, Damjan I played around a bit to find out whether my own computer (with ZoneAlarm Pro) was vulnerable and, accidentally, found a similar behaviour from my ISPs mailserver, apparently being Exim 4.24. When attaching any 'normally' named .EXE, my email is returned to me by Exim, with a note saying: "This kind of attachment is not good for you.....". If I rename the same .EXE to, say, (c).exe, it gets delivered and ZoneAlarm lets it in without quarantining it. Two bugs for the price of one! cheers Samps
Powered by blists - more mailing lists