_JPEG_ exploit?!

Strata R. Chalup strata at virtual.net
Wed Sep 15 19:43:23 PDT 2004


I think it's likely to have something to do with extension shuffling, or 
misleading extension types.  Remember that flap about how one could have 
attachments whose display name was foo.jpg and whose (?)resource(?) name 
was foo.jpg but whose (?) file_handler name was foo.exe?

E.g., looking at the file, for large values of 'looking', would cause one to see 
an innocuous extension, but when the file was passed off to the file 
handler to be opened by an application, it was actually an executable or 
similar.

A quick google got me this helpful page, which while not immediately up 
to date gives the gist of the problem quite clearly:

http://www.geocities.com/ResearchTriangle/Lab/1131/eng/safe.html

cheers,
Strata


Rick Moen wrote:

> Quoting Jim Hickstein (jxh at jxh.com):
> 
> 
>>Well, lots of other programs are implicated, that don't (I suppose) touch
>>MIME.
> 
> 
> You'd think, but that might well not be the case:  Lots of other programs
> tend to be dragged in through MS's component-software facilities.
> 
> 
>>Something I saw said "buffer overrun", which does start to add up.
> 
> 
> Pity the "FAQ" doesn't address any of the questions that one would
> reasonably ask.
> 
> 

-- 
========================================================================
Strata Rose Chalup [KF6NBZ]                      strata "@" virtual.net
VirtualNet Consulting                            http://www.virtual.net/
  ** Project Management & Architecture for ISP/ASP Systems Integration **
=========================================================================
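
Added example, not part of the original post: a minimal Python check for the naming trick described above, where an attachment looks like foo.jpg but is handled as foo.exe. It assumes the two names correspond to the Content-Type `name` and Content-Disposition `filename` MIME parameters. The function names and the sample message are constructed for illustration.

```python
import base64
import email
import os
from email.utils import collapse_rfc2231_value

# Leading "magic" bytes of a few formats, and the type each image extension promises.
MAGIC = {b"\xff\xd8\xff": "jpeg", b"GIF8": "gif", b"\x89PNG": "png", b"MZ": "pe-executable"}
IMAGE_EXTS = {".jpg": "jpeg", ".jpeg": "jpeg", ".gif": "gif", ".png": "png"}

def sniff(data):
    """Classify content by its first bytes, ignoring any file name."""
    return next((kind for magic, kind in MAGIC.items() if data.startswith(magic)), "unknown")

def _ext(name):
    return os.path.splitext(name)[1].lower()

def audit_attachments(raw):
    """Return (part_index, reason) for attachments whose names and content disagree."""
    findings = []
    for i, part in enumerate(email.message_from_bytes(raw).walk()):
        if part.is_multipart():
            continue
        # Assumption: the two "names" in the post map to these two MIME parameters.
        names = [part.get_param("name"),
                 part.get_param("filename", header="content-disposition")]
        names = [collapse_rfc2231_value(n) for n in names if n]
        if not names:
            continue
        if len({_ext(n) for n in names}) > 1:
            findings.append((i, "name-mismatch"))
        kind = sniff(part.get_payload(decode=True) or b"")
        promised = {IMAGE_EXTS[_ext(n)] for n in names if _ext(n) in IMAGE_EXTS}
        if promised and promised != {kind}:
            findings.append((i, "content-mismatch"))
    return findings

def sample_message(payload, ct_name, cd_name):
    """Build a constructed one-attachment message (sample data, not real mail)."""
    head = 'MIME-Version: 1.0\r\nContent-Type: multipart/mixed; boundary="b1"\r\n\r\n--b1\r\n'
    part = (f'Content-Type: image/jpeg; name="{ct_name}"\r\n'
            f'Content-Disposition: attachment; filename="{cd_name}"\r\n'
            "Content-Transfer-Encoding: base64\r\n\r\n")
    return (head + part + base64.b64encode(payload).decode() + "\r\n--b1--\r\n").encode()
```

A mail gateway could run a check like this before delivery and quarantine any part that produces a finding.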
