Full Disclosure mailing list archives
Re: Corsaire Security Advisory - Multiple vendor MIME field multiple occurrence issue
From: Florian Weimer <fw () deneb enyo de>
Date: Tue, 14 Sep 2004 09:23:03 +0200
The first of the four would be the correct behaviour for a security conscious product, but based on empirical research this is not the common result.
Of course, this violates the robustness principle. Are there any estimates how much (corporate) mail contains one of the format violations you described? I could image that you can't reject some of them because they are too widespread. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Corsaire Security Advisory - Multiple vendor MIME field multiple occurrence issue advisories (Sep 13)
- Re: Corsaire Security Advisory - Multiple vendor MIME field multiple occurrence issue Florian Weimer (Sep 14)