| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1974132146.20040913181809@SECURITY.NNOV.RU>
Date: Mon, 13 Sep 2004 18:18:09 +0400
From: 3APA3A <3APA3A@...URITY.NNOV.RU>
To: bugtraq@...urityfocus.com
Cc: full-disclosure@...ts.netsys.com
Subject: Correction to latest Colsaire advisories
Just to keep correctness.
Colsaire could provide better service to it's customers by better
researching available information on researched topic.
Most of reported content filtering bypassing techniques are already
known and described in [1] with credentials believed to be valid.
MIME RFC2231 encoding issue - David F. Skoll
MIME RFC2047 encoding issue - different authors (different problems were
discovered, information from Colsaire advisory is not enough).
Content-Transfer-Encoding mechanism issue - different authors
MIME field multiple occurrence issue - 3APA3A
MIME separator issue - 3APA3A
MIME field whitespace issue - 3APA3A
MIME RFC822 comment issue (at least partially) - 3APA3A
There is also a _lot_ of different bypass techniques Colsaire failed to
discover.
[1] 3APA3A, Bypassing content filtering whitepaper
http://www.security.nnov.ru/advisories/content.asp
--
http://www.security.nnov.ru
/\_/\
{ , . } |\
+--oQQo->{ ^ }<-----+ \
| ZARAZA U 3APA3A } You know my name - look up my number (The Beatles)
+-------------o66o--+ /
|/
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists