[Mimedefang] MIMEDefang 2.21 is released - Important Security Note
Rich West
Rich.West at wesmo.com
Thu Sep 12 12:30:01 EDT 2002
Umm.. I just downloaded and built 2.21, but the mime-tools-patch.txt
file is not part of the distribution...
-Rich
David F. Skoll wrote:
>Hi,
>
>MIMEDefang 2.21 is released. Also, a new version of the patched MIME-tools
>has been put on the MIMEDefang site. Get everything at:
>
> http://www.roaringpenguin.com/mimedefang/
>
>Aviram Jenik posted a note on Bugtraq:
>
> http://online.securityfocus.com/archive/1/291514
>
>detailing how to bypass SMTP security scanners. MIMEDefang 2.20 and
>earlier are vulnerable to this attack in their default configurations.
>I recommend performing *both* of the following steps:
>
>1) Upgrade to the new MIME-Tools suite from my Web site.
>2) Upgrade to MIMEDefang 2.21. Be sure to upgrade your filter, too;
> see below.
>
>Note that either step (1) or (2) alone will thwart the attack; I
>still recommend doing both.
>
>If, for some reason, you do not want to upgrade, then put the following
>code in your filter() and filter_multipart() routines:
>
># Block message/partial parts
>if (lc($type) eq "message/partial") {
> action_quarantine_entire_message("Message quarantined because of message/partial type");
> return action_discard();
>}
>
>The new sample filter does just that. Full changelog appended.
>
>Regards,
>
>David.
>2002-09-12 David F. Skoll <dfs at roaringpenguin.com>
>
> * Version 2.21 RELEASED
>
> * Removed mime-tools-patch.txt. Instead, download the patched
> MIME-Tools tarball from the MIMEDefang site.
>
> * Documented $WarningLocation
>
> * SECURITY UPDATE: Default filter rejects attachments of type
> "message/partial". See
> http://online.securityfocus.com/archive/1/291514
>
>2002-09-10 David F. Skoll <dfs at roaringpenguin.com>
>
> * mimedefang-multiplexor.c (statsLog): Do not log the date/time
> if we log stats using syslog; it's redundant. We still include
> a UNIX timestamp.
>
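The message/partial check from the quoted announcement, as an added example that is not part of the original thread and is not MIMEDefang filter code: it uses Python's standard email parser to walk every entity of a message, so the type is caught both at the top level and inside a multipart container. The sample messages, the function names and the quarantine/accept policy are assumptions made for illustration.

```python
from email import message_from_string

# Constructed sample messages (not taken from the advisory or the list).
TOP_LEVEL = """\
From: a@example.com
MIME-Version: 1.0
Content-Type: Message/Partial; id="abc@example.com"; number=1; total=2

Content-Type: application/octet-stream
Content-Transfer-Encoding: base64

AAAA
"""

NESTED = """\
From: a@example.com
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="B"

--B
Content-Type: text/plain

hello
--B
Content-Type: message/partial; id="abc@example.com"; number=2; total=2

BBBB
--B--
"""

CLEAN = "From: a@example.com\nContent-Type: text/plain\n\nhello\n"

def find_partial_parts(raw):
    """Return (id, number, total) for each message/partial entity in raw."""
    hits = []
    # walk() visits the top-level entity and every nested part.
    for part in message_from_string(raw).walk():
        # get_content_type() lowercases, matching lc($type) in the Perl check.
        if part.get_content_type() == "message/partial":
            hits.append(tuple(part.get_param(p) for p in ("id", "number", "total")))
    return hits

def verdict(raw):
    """Hypothetical policy: quarantine any message carrying a fragment."""
    return "quarantine" if find_partial_parts(raw) else "accept"

if __name__ == "__main__":
    for name, raw in (("top", TOP_LEVEL), ("nested", NESTED), ("clean", CLEAN)):
        print(name, verdict(raw), find_partial_parts(raw))
```

The returned id/number/total values are useful in quarantine logs, since they show which fragments of one split message arrived.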