[Mimedefang] MIMEDefang 2.21 is released - Important Security Note
Jay DeSotel
jay at interl.net
Thu Sep 12 12:35:06 EDT 2002
<SNIP>
> * Removed mime-tools-patch.txt. Instead, download the patched
> MIME-Tools tarball from the MIMEDefang site.
</SNIP>
--
Jay DeSotel
On Thu, 12 Sep 2002, Rich West wrote:
> Umm.. I just downloaded and built 2.21, but the mime-tools-patch.txt
> file is not part of the distribution...
>
> -Rich
>
>
>
> David F. Skoll wrote:
>
> >-----BEGIN PGP SIGNED MESSAGE-----
> >Hash: SHA1
> >
> >Hi,
> >
> >MIMEDefang 2.21 is released. Also, a new version of the patched MIME-tools
> >has been put on the MIMEDefang site. Get everything at:
> >
> > http://www.roaringpenguin.com/mimedefang/
> >
> >Aviram Jenik posted a note on Bugtraq:
> >
> > http://online.securityfocus.com/archive/1/291514
> >
> >detailing how to bypass SMTP security scanners. MIMEDefang 2.20 and
> >earlier are vulnerable to this attack in their default configurations.
> >I recommend performing *both* of the following steps
> >
> >1) Upgrade to the new MIME-Tools suite from my Web site.
> >2) Upgrade to MIMEDefang 2.21. Be sure to upgrade your filter, too;
> > see below.
> >
> >Note that either step (1) or (2) alone will thwart the attack; I
> >still recommend doing both.
> >
> >If, for some reason, you do not want to upgrade, then put the following
> >code in your filter() and filter_multipart() routines:
> >
> ># Block message/partial parts
> >if (lc($type) eq "message/partial") {
> > action_quarantine_entire_message("Message quarantined because of message/partial type");
> > return action_discard();
> >}
> >
> >The new sample filter does just that. Full changelog appended.
> >
> >Regards,
> >
> >David.
> >2002-09-12 David F. Skoll <dfs at roaringpenguin.com>
> >
> > * Version 2.21 RELEASED
> >
> > * Removed mime-tools-patch.txt. Instead, download the patched
> > MIME-Tools tarball from the MIMEDefang site.
> >
> > * Documented $WarningLocation
> >
> > * SECURITY UPDATE: Default filter rejects attachments of type
> > "message/partial". See
> > http://online.securityfocus.com/archive/1/291514
> >
> >2002-09-10 David F. Skoll <dfs at roaringpenguin.com>
> >
> > * mimedefang-multiplexor.c (statsLog): Do not log the date/time
> > if we log stats using syslog; it's redundant. We still include
> > a UNIX timestamp.
> >
> >-----BEGIN PGP SIGNATURE-----
> >Version: GnuPG v1.0.6 (GNU/Linux)
> >Comment: For info see http://quantumlab.net/pine_privacy_guard/
> >
> >iD4DBQE9gLkBxu9pkTSrlboRAlKWAKCJdY7sTkeXbnX+yyNlqDglO2iu3wCY0J3S
> >GFG9WcEc02mC782D7DyAaQ==
> >=Z185
> >-----END PGP SIGNATURE-----
> >
> >_______________________________________________
> >MIMEDefang mailing list
> >MIMEDefang at lists.roaringpenguin.com
> >http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
> >
> >
>
>
> _______________________________________________
> MIMEDefang mailing list
> MIMEDefang at lists.roaringpenguin.com
> http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
>
More information about the MIMEDefang
mailing list