On Sun, 05 Aug 2001 16:01:11 +0000, Bastiaan Edelman wrote:
> Hi List,
> Even Arachne does run some extensions automaticaly e.g. .gif.
> I did receive a .gif with a worm inside (.exe) but Arachne detetected
> something was wrong with the .GIF image and made a second attachment of
> the .exe and did not show the image on the screen but showed the .gif
> attachment.
> What was wrong with the image? At the strart of a .gif image there ought
> to be something like GIF87a which was not there.
> The .exe could not be run in DOS, win only.
Hi Bastiaan;
There can never be a problem with a worm disguised as a .gif when
running Arachne. She does not 'run' the .gif. She runs a part of
herself which converts the information in the .gif to an image,
and then she displays that image. Even if there was an .exe hidden
inside with a normal .gif header, the action she takes is based on
her own internal programming and can only result in the display of
an image, or PART of an image, or a red box.
How even M$ could EXECUTE a file that was a .exe but named .gif
is mindboggling. Someone in Redmond is incredibly stupid. :(
It *IS* possible to open a humungous security hole in Arachne if
you uncomment the lines in mime.cfg for .exe, .com, and .bat.
- Clarence Verge
- Back to using Arachne V1.62 ....
