Signature is applied to decoded message. If encoding is broken there is
no need to try to keep signature. Reassembling message is really best
solution. But there are another ways to bypass message reassembling.
Some of them can be found in
EH> You cannot do this for signed messages, therefore, you still
EH> need to either decode in all possible ways or drop the message
EH> (or the offending entity).
EH> --ewh
--
~/ZARAZA
Èáî ôàêòû åñòü ôàêòû, è èçëîæåíû îíè ëèøü äëÿ òîãî, ÷òîáû èõ ïîíÿëè è â íèõ ïîâåðèëè. (Òâåí)
Signature is applied to decoded message. If encoding is broken there is
no need to try to keep signature. Reassembling message is really best
solution. But there are another ways to bypass message reassembling.
Some of them can be found in
http://www.security.nnov.ru/advisories/content.asp
--Friday, September 26, 2003, 3:46:36 AM, you wrote to bugtraq (at) securityfocus (dot) com [email concealed]:
>> limits. Recode base64. Recode uuencoded chunks. Regularize
>> non-standard MIME.
EH> You cannot do this for signed messages, therefore, you still
EH> need to either decode in all possible ways or drop the message
EH> (or the offending entity).
EH> --ewh
--
~/ZARAZA
Èáî ôàêòû åñòü ôàêòû, è èçëîæåíû îíè ëèøü äëÿ òîãî, ÷òîáû èõ ïîíÿëè è â íèõ ïîâåðèëè. (Òâåí)
[ reply ]