Reply From: Rob Rosenberger <us@kumite.com>
NTBUGTRAQ moderator Russ Cooper received international media attention when
he wrote about a "new" email exploit. In theory, someone can run malicious
code on your computer by crafting an extremely long filename for an email
attachment. The attachment doesn't need to execute -- the filename itself
executes when Outlook tries to parse the filename.
This exploit may sound bizarre to the average reporter... but I yawned when
I heard about it. You see, this latest security flaw is just a derivative of
the 'letter bomb' exploit (1996) and the 'res://' exploit (1997). Most news
outlets ignored the older flaws -- because they came out too soon after the
Hare virus media fiasco.
Read http://www.kumite.com/myths/opinion/thoughts for more...
Rob Rosenberger, webmaster
Computer Virus Myths home page
http://www.kumite.com/myths
-o-
Subscribe: mail majordomo@sekurity.org with "subscribe isn".
Today's ISN Sponsor: New Dimensions International [www.newdimensions.net]
Received on Wed Aug 5 12:25:10 1998