Open Source and information security mailing list archives
Message-ID: <2BA50DCEB0119849BCDD0BEB7EC5F9630271F16B@CA1EXCLV02.adcorp.kla-tencor.com>
Date: Tue, 20 Jun 2006 15:57:32 -0700
From: "Jain, Siddhartha" <Siddhartha.Jain@...-tencor.com>
To: <bugtraq@...urityfocus.com>
Subject: Sendmail MIME DoS vulnerability


Hi,

I am trying to understand the below-mentioned sendmail
vulnerability.
http://www.sendmail.com/security/advisories/SA-200605-01.txt.asc

The description says that the DoS occurs when sendmail goes in a deeply
nested malformed MIME message and uses the MIME 8-bit to 7-bit
conversion function. Under what conditions would sendmail use the MIME
8-bit to 7-bit function? Only when the remote MTA doesn't understand
8-bit MIME, right?

That would mean that a malicious user would have to force the victim MTA
to relay the malformed mail to a MIME 7-bit-only MTA for the attack to
succeed. This probably means that open relays and ISP SMTP servers are
more vulnerable than purely incoming SMTP servers.

I am just trying to make sense of the advisory and the possible threat
of exploit.


Thanks,

- Siddhartha
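
A defender-side check for the "deeply nested malformed MIME message" condition quoted from the advisory, as an added example that is not part of the original post or of sendmail: it measures container nesting and collects parser defects for a raw message. The names `inspect_mime`, `too_deep`, `build_nested` and the `MAX_DEPTH` limit are assumptions made for illustration.

```python
from email import message_from_string

MAX_DEPTH = 8  # assumed local policy limit, not a value from the advisory


def inspect_mime(raw):
    """Return (deepest container nesting, parser defects) for a raw message."""
    deepest, defects = 0, []
    stack = [(message_from_string(raw), 0)]
    while stack:  # explicit stack, so this walk itself never recurses
        part, depth = stack.pop()
        defects.extend(part.defects)
        if part.is_multipart():  # multipart/* or message/rfc822 container
            depth += 1
            deepest = max(deepest, depth)
            stack.extend((child, depth) for child in part.get_payload())
    return deepest, defects


def too_deep(raw, limit=MAX_DEPTH):
    """True when the message nests containers deeper than the limit."""
    try:
        depth, _ = inspect_mime(raw)
    except RecursionError:
        # Assumption: extreme nesting may exhaust the parser's own recursion;
        # treat that the same as exceeding the limit.
        return True
    return depth > limit


def build_nested(levels):
    """Constructed sample: one text part wrapped in `levels` multipart layers."""
    body = "Content-Type: text/plain\n\nhello\n"
    for i in range(levels):
        b = f"bnd{i:03d}x"
        body = (f'Content-Type: multipart/mixed; boundary="{b}"\n\n'
                f"--{b}\n{body}\n--{b}--\n")
    return body


if __name__ == "__main__":
    for levels in (0, 3, 12):
        depth, defects = inspect_mime(build_nested(levels))
        print(levels, depth, len(defects), too_deep(build_nested(levels)))
    # Malformed variant: cut the sample off before any closing boundary.
    truncated = build_nested(2).split("hello")[0] + "hello\n"
    print(inspect_mime(truncated))
```
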

