
Shady Advisory Digest (2004-09-15)



Today I received this shady advisory. Maybe mutt could be affected as
well?

MIME Standard: multiple vulnerabilities
+---------------------------------------------------------------+
Date: 2004-09-15
State: 2004-09-15
+---------------------------------------------------------------+
Operating System(s):

UNIX
Microsoft Windows

Other operating systems may be affected as well.
+---------------------------------------------------------------+
Software:

Potentially affected are several types of software products
which use MIME.

These are email clients, web browsers, antivirus products, mail
and content checkers.
+---------------------------------------------------------------+
Attack:

An anonymous remote attacker can potentially use incorrect
MIME-Messages for denial of service, to bypass content checkers
and for remote code execution.
+---------------------------------------------------------------+
Description:

MIME is a standard for encoding binary files. MIME is used for
encoding attachments and for the transfer of files in the world
wide web content transfer protocol HTTP. With a range of fields
the sender is able to choose the encoding form.

Malformed MIME messages can pass through the checker or the
receiving client could crash.

An anonymous remote attacker can use this vulnerability for
denial of service, to bypass content checkers or to execute
arbitrary code.
+---------------------------------------------------------------+
Risk (*):

Probability of an attack: MEDIUM-HIGH
Damage probability: MEDIUM-HIGH
+---------------------------------------------------------------+
Recommendation:

Please contact your vendor for a clarification of this security
issue.

Information about tests:
http://www.uniras.gov.uk/vuls/2004/380375/mime.htm
+---------------------------------------------------------------+
Information:

Corsaire Advisory:
http://www.corsaire.com/news/040913-mime.html

NISCC Vulnerability Advisory 380375/MIME dated 2004-09-13
http://www.uniras.gov.uk/vuls/2004/380375/mime.htm

-- 
Ralf Hildebrandt                                Ralf.Hildebrandt@xxxxxxxxxx
Postfix Tips: http://www.arschkrebs.de/postfix/ Tel.  +49 (0)30-450 570-155