Re[2]: The Bat! Deep Freeze

[Douglas Hinds]

Hello tracer & all fellow TBUDL members,

Tuesday, March 07, 2000, 6:32:48 PM, tracer wrote:

t> Openning another program while The Bat is opening will kill my
t> system. Sure... Its easy to do as well or to forget it and then
t> nothing helps except a restart

I just shut it down TB! 1.39 and while it reopened, I opened EccoPro
with no problems, under an early Win95.  Is the version of windows
likely to figure in this problem?

Douglas

-- 
--
View the TBUDL archive at http://tbudl.thebat.dutaint.com
To send a message to the list moderation team double click here:
   
To Unsubscribe from TBUDL, double click here and send the message:
   
--

You are subscribed as : archive@jab.org

Re: The Bat! Deep Freeze

[Januk Aggarwal]

Hello tracer,


On  Tuesday, March 07, 2000  at  07:32:48 GMT +0700 (which was 4:32 PM
where I live) [EMAIL PROTECTED] typed:


> Openning another program while The Bat is opening will kill my system.
> Sure...
> Its easy to do as well or to forget  it and then nothing helps except
> a restart

It is very annoying, especially since I don't remember TB doing this
in the past, only with 1.39 and above. Is there any Windows 98SE
setting that can prevent another application from opening while TB
starts up?


-- 
Thanks for writing
 Januk Aggarwal
 [EMAIL PROTECTED]

 Using The Bat! 1.41 Beta/5
 under Windows 98 4.10 Build   A 

-- 
--
View the TBUDL archive at http://tbudl.thebat.dutaint.com
To send a message to the list moderation team double click here:
   
To Unsubscribe from TBUDL, double click here and send the message:
   
--

You are subscribed as : archive@jab.org

Re[2]: The Bat! Deep Freeze

[Simon]

How-do-you-do,

tracer posted to [EMAIL PROTECTED] making the following comments:

t> Its easy to do as well or to forget  it and then nothing helps except
t> a restart

Yeah, same here; then causes a total lockup. A restart is the only way to
defrost Windows once deep frozen by TB! :-(
  

Slán anois, 

 Simon  send private mailto:[EMAIL PROTECTED] 


Usin' TB! v1.41 B/5 & registered

  stop hiding from brain dead browsers

-- 
--
View the TBUDL archive at http://tbudl.thebat.dutaint.com
To send a message to the list moderation team double click here:
   
To Unsubscribe from TBUDL, double click here and send the message:
   
--

You are subscribed as : archive@jab.org

Re: The Bat! Deep Freeze

[tracer]

Hello Simon,
On Tue, 7 Mar 2000 21:15:52 + GMT your local time,
which was Wednesday, March 08, 2000, 4:15:52 AM (GMT+0700) my local time,
Simon wrote:


> How-do-you-do,

> I have noticed that TB! very occasionally seems to freeze with Windows when
> I launch it just as I make a connection to the Net. It is always just as TB!
> launches at the same time the connection is opened. If I wait 3 secs (after
> ICMP & UDP packets finish broadcasting) I do not seem to get a problem. If I
> forget however, and manually launch TB! to quickly, TB! takes Windows into
> cold storage with it. Anyone had this problem?

Openning another program while The Bat is opening will kill my system.
Sure...
Its easy to do as well or to forget  it and then nothing helps except
a restart


Best regards,
 
tracer
-- 

Using theBAT 1.41 Beta/5 with Windows 98
mail to : [EMAIL PROTECTED]
I am using FireTalk: 321338
ICQ: on request 
Website: www.phuketcomputers.com
Our special website hosting/mailservers are now operational



-- 
--
View the TBUDL archive at http://tbudl.thebat.dutaint.com
To send a message to the list moderation team double click here:
   
To Unsubscribe from TBUDL, double click here and send the message:
   
--

You are subscribed as : archive@jab.org

Re: The Bat! Deep Freeze

[Pasquale J. Festa Sr.]

Hello Simon,

March 07, 2000, 4:15:52 PM, you wrote:

S> How-do-you-do,

S> I have noticed that TB! very occasionally seems to freeze with Windows when
S> I launch it just as I make a connection to the Net. It is always just as TB!
S> launches at the same time the connection is opened. If I wait 3 secs (after
S> ICMP & UDP packets finish broadcasting) I do not seem to get a problem. If I
S> forget however, and manually launch TB! to quickly, TB! takes Windows into
S> cold storage with it. Anyone had this problem?

S> Slán anois, 

S>  Simon  send private mailto:[EMAIL PROTECTED] 


S> Usin' TB! v1.41 B/5 & registered

S>   stop hiding from brain dead browsers


Yes, I noticed this also.

-- 
Best regards,
 Pasqualemailto:[EMAIL PROTECTED]



-- 
--
View the TBUDL archive at http://tbudl.thebat.dutaint.com
To send a message to the list moderation team double click here:
   
To Unsubscribe from TBUDL, double click here and send the message:
   
--

You are subscribed as : archive@jab.org

The Bat! Deep Freeze

[Simon]

How-do-you-do,

I have noticed that TB! very occasionally seems to freeze with Windows when
I launch it just as I make a connection to the Net. It is always just as TB!
launches at the same time the connection is opened. If I wait 3 secs (after
ICMP & UDP packets finish broadcasting) I do not seem to get a problem. If I
forget however, and manually launch TB! to quickly, TB! takes Windows into
cold storage with it. Anyone had this problem?

Slán anois, 

 Simon  send private mailto:[EMAIL PROTECTED] 


Usin' TB! v1.41 B/5 & registered

  stop hiding from brain dead browsers

-- 
--
View the TBUDL archive at http://tbudl.thebat.dutaint.com
To send a message to the list moderation team double click here:
   
To Unsubscribe from TBUDL, double click here and send the message:
   
--

You are subscribed as : archive@jab.org

Re: Patch against X-BAT-FILES?

[tracer]

Hello Stefan Tanurkov,
On Tue, 7 Mar 2000 15:18:47 +0200 GMT your local time,
which was Tuesday, March 07, 2000, 8:18:47 PM (GMT+0700) my local time,
Stefan Tanurkov wrote:


> Hello tracer, 

>>> I would not post such a message without being sure that I know what I
>>> am talking about.  This only can happen the attachment directory is
>>> C:\ Does anybody keep attachments there?-)

t>> some of my customers keep anything there till they hit the 512 file
t>> limit

> Well, by default it is a subdirectory of the account's home directory.

> I guess, most of those customers do not change the default attachment
> directory :-)

They arent using the BAT...
There is basically no way I can stick them with an emailer which
expires after one month and runs during that period with a banner
I tried and complaints within a few minutes...
But word/exel files and all kinds of stuff gets stored there.
But correct, the bats attachment if installed wouldnt end up there and
anyone doing it on purpose deserves to get caught

> Best regards,
>  Stefan 

> ..Computer modelers simulate it first. 




Best regards,
 
tracer
-- 

Using theBAT 1.41 Beta/5 with Windows 98
mail to : [EMAIL PROTECTED]
I am using FireTalk: 321338
ICQ: on request 
Website: www.phuketcomputers.com
Our special website hosting/mailservers are now operational



-- 
--
View the TBUDL archive at http://tbudl.thebat.dutaint.com
To send a message to the list moderation team double click here:
   
To Unsubscribe from TBUDL, double click here and send the message:
   
--

You are subscribed as : archive@jab.org

Re: Patch against X-BAT-FILES?

[Simon]

How-do-you-do,

noniq @ [EMAIL PROTECTED] wrote:

n> does anyone know when ritlabs will offer a patch for the
n> X-BAT-FILES-problem recently discussed on bugtraq?

First:

I tested the spoofing vulnerability ages ago so it was not a surprise when I
saw Steve's posting. However, contrary to the posting by Steve, I have NOT
found a single instance where TB! deletes file attachments outside of the
mailbox's attachment folder simply by deleting the message from a folder
within TB!. If a message is deleted from within any folder in TB! it will
not delete the mail from the attachment folder, even if 'Delete attached
files when message is deleted from the Trash' is selected under Account
Properties/Files & Directories. In other words, even emptying trash still
leaves the attachment in place. :-)

Second:

If you delete an attachment from the message body you will still be prompted
by TB! asking you to confirm whether you want to delete the attachment or
not. The Dialog box displays the full path to the attachment & the
attachment file name allowing you to immediately determine whether such an
action should be performed - if you see: 'c:\windows\user.dat' then you
would obviously be an idiot if you deleted it.

Yes, the attachment does also get deleted from the spoofed path if you
delete it from the message body. This does occur. However, as I have said:

1: you get a dialog box warning you before hand. - YOU CAN READ?
2: The FULL path to the attachment in question is shown - YOU CAN READ?
3. The filename in question is shown - YOU CAN READ?
4. You get a choice of 'Yes' or 'No' to delete. - Doh!

Well you can guess who this is going to affect!

Third

Although concerned enough to send email to Stefan about the security
implications of this 'bit of a security issue', I did not think it
significant enough to get everyone panicked by posting a paranoid warning to
TBUDL providing ALL details, and thereby identifying this minuscule problem
to all and sundry! - now it is general knowledge it hardly matters.

In Stefan's reply to my email he said that, "We will change it to something
more convenient in the next version". Good enough for me.

Granted, a 'pin hole' is still a 'pin hole', but quite frankly, the danger
is so minuscule it hardly warrants all the hoo haa. It has simply escalated
way out of proportion to the actual problem.

Looking forward to version 2!
  

Slan, 

 Simon mailto:[EMAIL PROTECTED] 


Usin' TB! v1.41 B5

 

-- 
--
View the TBUDL archive at http://tbudl.thebat.dutaint.com
To send a message to the list moderation team double click here:
   
To Unsubscribe from TBUDL, double click here and send the message:
   
--

You are subscribed as : archive@jab.org

Re[2]: Patch against X-BAT-FILES?

[Stefan Tanurkov]

Hello tracer, 

>> I would not post such a message without being sure that I know what I
>> am talking about.  This only can happen the attachment directory is
>> C:\ Does anybody keep attachments there?-)

t> some of my customers keep anything there till they hit the 512 file
t> limit

Well, by default it is a subdirectory of the account's home directory.

I guess, most of those customers do not change the default attachment
directory :-)



Best regards,
 Stefan 

...Computer modelers simulate it first. 


-- 
--
View the TBUDL archive at http://tbudl.thebat.dutaint.com
To send a message to the list moderation team double click here:
   
To Unsubscribe from TBUDL, double click here and send the message:
   
--

You are subscribed as : archive@jab.org

Re: Patch against X-BAT-FILES?

[tracer]

Hello Stefan Tanurkov,
On Tue, 7 Mar 2000 13:50:50 +0200 GMT your local time,
which was Tuesday, March 07, 2000, 6:50:50 PM (GMT+0700) my local time,
Stefan Tanurkov wrote:


> Hello tracer, 

t>> But I thought that Steve posted this as coming from a respected
t>> security mailing list
t>> You mean they post warnings without checking if the warnings are
t>> correct? (g)

> I would not post such a message without being sure that I know what I
> am talking about.  This only can happen the attachment directory is
> C:\ Does anybody keep attachments there?-)

some of my customers keep anything there till they hit the 512 file
limit

> Oh, I forgot to mention that the forwarding problem is eliminated in
> 1.41 Beta/5  :-)





Best regards,
 
tracer
-- 

Using theBAT 1.41 Beta/5 with Windows 98
mail to : [EMAIL PROTECTED]
I am using FireTalk: 321338
ICQ: on request 
Website: www.phuketcomputers.com
Our special website hosting/mailservers are now operational



-- 
--
View the TBUDL archive at http://tbudl.thebat.dutaint.com
To send a message to the list moderation team double click here:
   
To Unsubscribe from TBUDL, double click here and send the message:
   
--

You are subscribed as : archive@jab.org

Re[2]: Patch against X-BAT-FILES?

[Stefan Tanurkov]

Hello tracer, 

t> But I thought that Steve posted this as coming from a respected
t> security mailing list
t> You mean they post warnings without checking if the warnings are
t> correct? (g)

I would not post such a message without being sure that I know what I
am talking about.  This only can happen the attachment directory is
C:\ Does anybody keep attachments there?-)

Oh, I forgot to mention that the forwarding problem is eliminated in
1.41 Beta/5  :-)



-- 
Cheers,
 Stefan 

...(A)bort, (R)etry, (S)ell it

-- 
--
View the TBUDL archive at http://tbudl.thebat.dutaint.com
To send a message to the list moderation team double click here:
   
To Unsubscribe from TBUDL, double click here and send the message:
   
--

You are subscribed as : archive@jab.org

Re: Patch against X-BAT-FILES?

[tracer]

Hello Stefan Tanurkov,
On Tue, 7 Mar 2000 12:12:40 +0200 GMT your local time,
which was Tuesday, March 07, 2000, 5:12:40 PM (GMT+0700) my local time,
Stefan Tanurkov wrote:


n>> 2. "The Bat!" doesn't check headers of the incoming message to contain
n>> this header (and this is even more dangerous). Intruder can spoof this
n>> header, for example to specify
n>> X-BAT-FILES: C:\WINDOWS\user.dat
n>> in  message  headers.  In  this  case  user.dat will appear as message
n>> attachment!  If  recipient  will forward this message user.dat will be
n>> attached  to forward. If recipient will delete this message and option
n>> "Delete  attached  file  then  message  deleted  from trash folder" is
n>> checked C:\WINDOWS\user.dat will be deleted.

> This simply is not true. The Bat! cannot delete a file located outside
> the attachment directory. I would delete half of my files otherwise
> :-) Moreover, I have a creeping suspicion that the option to delete
> attached files when the containing messages are deleted from Trash is
> ignored - if so, it will be fixed, I promise :-)


But I thought that Steve posted this as coming from a respected
security mailing list
You mean they post warnings without checking if the warnings are
correct? (g)





Best regards,
 
tracer
-- 

Using theBAT 1.41 Beta/5 with Windows 98
mail to : [EMAIL PROTECTED]
I am using FireTalk: 321338
ICQ: on request 
Website: www.phuketcomputers.com
Our special website hosting/mailservers are now operational



-- 
--
View the TBUDL archive at http://tbudl.thebat.dutaint.com
To send a message to the list moderation team double click here:
   
To Unsubscribe from TBUDL, double click here and send the message:
   
--

You are subscribed as : archive@jab.org

Re: Patch against X-BAT-FILES?

[Stefan Tanurkov]

Hello noniq, 


n> 1. Then forwarding message with attachment this header isn't stripped.
n> This  fact  allows  recipient  of  the  forward  to  know the physical
n> location  of  the  user's  incoming files. This can be very useful for
n> attack  like  in  "Georgi  Guninski  security  advisory  #8, 2000" ;-)
n> because  you  can  send  any file to user and you will know where this
n> file will be located.

This problem will be eliminated in the oncoming release. But - hey, do
you forward messages to unknown people and do not even look that they
contain some files? Of course, there are many people who are ignorant
enough to open attachments from unknown sources, but how many people
would forward a message to an unknown person?


n> 2. "The Bat!" doesn't check headers of the incoming message to contain
n> this header (and this is even more dangerous). Intruder can spoof this
n> header, for example to specify
n> X-BAT-FILES: C:\WINDOWS\user.dat
n> in  message  headers.  In  this  case  user.dat will appear as message
n> attachment!  If  recipient  will forward this message user.dat will be
n> attached  to forward. If recipient will delete this message and option
n> "Delete  attached  file  then  message  deleted  from trash folder" is
n> checked C:\WINDOWS\user.dat will be deleted.

This simply is not true. The Bat! cannot delete a file located outside
the attachment directory. I would delete half of my files otherwise
:-) Moreover, I have a creeping suspicion that the option to delete
attached files when the containing messages are deleted from Trash is
ignored - if so, it will be fixed, I promise :-)




Sincerely,
 Stefan 

...Klingon error: Strike any other user to continue. 

-- 
--
View the TBUDL archive at http://tbudl.thebat.dutaint.com
To send a message to the list moderation team double click here:
   
To Unsubscribe from TBUDL, double click here and send the message:
   
--

You are subscribed as : archive@jab.org

Patch against X-BAT-FILES?

[noniq]

hi,

does anyone know when ritlabs will offer a patch for the
X-BAT-FILES-problem recently discussed on bugtraq?

ciao,
noniq

--- excerpt from a message on bugtraq by [EMAIL PROTECTED]: 
"The Bat!" by RitLabs is extremely convenient mail agent with a lot of
features  for Windows platforms. One of "The Bat!" features is storing
files  attached to e-mail messages apart from messages bodies. In this
case  "The  Bat!"  puts  attached  files  in  preconfigured folder and
removes  according  MIME  part  from message. Instead, "The Bat!" adds
additional pseudo-header X-BAT-FILES, something like:

  X-BAT-FILES: D:\Home\Incoming\attachment.doc

There are few possible troubles:

1. Then forwarding message with attachment this header isn't stripped.
This  fact  allows  recipient  of  the  forward  to  know the physical
location  of  the  user's  incoming files. This can be very useful for
attack  like  in  "Georgi  Guninski  security  advisory  #8, 2000" ;-)
because  you  can  send  any file to user and you will know where this
file will be located.

2. "The Bat!" doesn't check headers of the incoming message to contain
this header (and this is even more dangerous). Intruder can spoof this
header, for example to specify
X-BAT-FILES: C:\WINDOWS\user.dat
in  message  headers.  In  this  case  user.dat will appear as message
attachment!  If  recipient  will forward this message user.dat will be
attached  to forward. If recipient will delete this message and option
"Delete  attached  file  then  message  deleted  from trash folder" is
checked C:\WINDOWS\user.dat will be deleted.

-- 
--
View the TBUDL archive at http://tbudl.thebat.dutaint.com
To send a message to the list moderation team double click here:
   
To Unsubscribe from TBUDL, double click here and send the message:
   
--

You are subscribed as : archive@jab.org

Re[3]: Submit Public Key to Public Key Server

[Oleg Zalyalov]

Hello, the Bat! list recipients,

Tuesday, March 07, 2000, Andre Hering wrote to [EMAIL PROTECTED] about
Submit Public Key to Public Key Server:

AH> What kind of key manager utility???

Either PGP's one or TB!'s.

-- 
Best regards,
Oleg Zalyalov. mailto:[EMAIL PROTECTED]

  Using The Bat! version 1.39
  under Windows NT 4.0 Build 1381 Service Pack 6

-- 
--
View the TBUDL archive at http://tbudl.thebat.dutaint.com
To send a message to the list moderation team double click here:
   
To Unsubscribe from TBUDL, double click here and send the message:
   
--

You are subscribed as : archive@jab.org

Re: Re: Submit Public Key to Public Key Server

[Andre Hering]

> Hello, the Bat! list recipients,
> 
> Tuesday, March 07, 2000, Andre Hering wrote to [EMAIL PROTECTED]
> about
> Submit Public Key to Public Key Server:
> 
> AH> I have a problem with my PGP public key block. I would to submit it
> to a
> AH> public key server (like pgp.ai.mit.edu). But if i submit (per Mail
> or per
> AH> HTML), I recieve following massage: "Error decoding key block". What
> is the
> AH> problem? (I had trial with 1024 and 2048 bit key).
> 
> Did you try to submit using key manager utility?
> 
> -- 
> Best regards,
> Oleg Zalyalov. mailto:[EMAIL PROTECTED]

What kind of key manager utility???

-- 
E-Mail: [EMAIL PROTECTED]

Sent through GMX FreeMail - http://www.gmx.net
-- 
--
View the TBUDL archive at http://tbudl.thebat.dutaint.com
To send a message to the list moderation team double click here:
   
To Unsubscribe from TBUDL, double click here and send the message:
   
--

You are subscribed as : archive@jab.org