[Mimedefang] New MIME-tools release
David F. Skoll
dfs at roaringpenguin.com
Wed Sep 15 22:53:09 EDT 2004
On Thu, 16 Sep 2004, Rudolph Pereira wrote:
> Does this fix any of the issues raised in the most recent mime
> vulnerability advisories from corsaire
> (http://www.corsaire.com/news/040913-mime.html), etc?
Yes and no.
The Corsaire advisory was an essentially content-free PR stunt.
See my reply on the Bugtraq list (unfortunately, I cannot provide
a URL right now, because securityfocus.com appears to be dead.)
Basically, MIME-tools itself is neither vulnerable nor not-vulnerable
to these issues -- it's just a library. The vulnerability lies in how
you use it.
Bottom line: To avoid being bitten by malformed MIME, always call
"action_rebuild()" for any mail that you pass on. This does have
certain negative side-effects, such as increased CPU time and possible
breakage of S/MIME. See the comments in the sample filter that comes
with MIMEDefang.
Regards,
David.
More information about the MIMEDefang
mailing list