Multiple Vendor Buffer Overflow in MIME-aware Mail and News Clients Vulnerability
A buffer overflow exists in a number of MIME (Multipurpose Internet Mail Extensions) aware email clients that could possibly allow a would-be attacker to execute arbitrary commands on the machine to which the mail was delivered. In some situations it was not necessary to view the malicious piece of mail. A field in the MIME specification for mailing files contains the filename of the attached file. By carefully crafting a long filename, an attacker could overrun the end of a statically allocated buffer and cause the remote machine to execute arbitrary commands.

While a majority of the publicity surrounding this bug was directed towards the presence of this vulnerability in Netscape Navigator and Internet Explorer under Microsoft-based operating systems, similar flaws existed in a number of other products and operating systems. Fortunately, this vulnerability was discovered and fixed before it could cause any widespread damage. Because the flaw was so widespread, however, it is important to ensure that all suspect mail clients are brought up to their latest patch levels.
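The length check whose absence the advisory describes, as an added example that is not code from the advisory or from any affected product. It assumes the filename arrives as the `filename` parameter of a Content-Disposition header; the function name, the return codes and the 255-byte limit are hypothetical.

```c
#include <stdio.h>
#include <string.h>

#define ATTACH_NAME_MAX 255  /* assumed client limit, not from the advisory */

/* Copy the filename parameter of a MIME header line into out.
 * Returns 0 on success, -1 if the parameter is absent or malformed,
 * -2 if the name does not fit (rejected; out is left untouched).
 * The flawed pattern is the unbounded equivalent: strcpy() of the
 * sender-chosen name into a fixed-size buffer.
 * Simplification: parameter names are matched case-sensitively. */
int extract_filename(const char *header, char *out, size_t outsz)
{
    const char *p = strstr(header, "filename=");
    const char *end;
    size_t len;

    if (p == NULL || outsz == 0)
        return -1;
    p += strlen("filename=");
    if (*p == '"') {                 /* quoted form: filename="a.txt" */
        p++;
        end = strchr(p, '"');
        if (end == NULL)
            return -1;               /* unterminated quote */
    } else {                         /* token form: ends at ';' or whitespace */
        end = p + strcspn(p, "; \t\r\n");
    }
    len = (size_t)(end - p);
    if (len >= outsz)                /* keep room for the terminator */
        return -2;
    memcpy(out, p, len);
    out[len] = '\0';
    return 0;
}

int main(void)
{
    char name[ATTACH_NAME_MAX + 1];
    /* Constructed sample header, not taken from a real message. */
    const char *hdr = "Content-Disposition: attachment; filename=\"report.txt\"";
    int rc = extract_filename(hdr, name, sizeof name);

    printf("rc=%d name=%s\n", rc, rc == 0 ? name : "(rejected)");
    return 0;
}
```

Rejecting an over-long name outright, rather than truncating it, keeps the client from acting on a filename the sender did not actually supply.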