|
|
BugTraq
Sendmail MIME DoS vulnerability Jun 20 2006 10:57PM Jain, Siddhartha (Siddhartha Jain kla-tencor com) (2 replies) Re: Sendmail MIME DoS vulnerability Jun 24 2006 05:51AM Claus Assmann ca+bugtraq (at) zardoc.endmail (dot) org [email concealed] (ca+bugtraq zardoc endmail org) |
|
Privacy Statement |
> Hi,
>
> I am trying to understand how the below mentioned sendmail
> vulnerability.
> http://www.sendmail.com/security/advisories/SA-200605-01.txt.asc
>
> The description says that the DoS occurs when sendmail goes in a deeply
> nested malformed MIME message and uses the MIME 8-bit to 7-bit
> conversion function. Under what conditions would sendmail use the MIME
> 8-bit to 7-bit function? Only when the remote MTA doesn't understand
> 8-bit MIME, right?
>
> That would mean that a malicious user would have to force the victim MTA
> to relay the malformed mail to a MIME 7-bit-only MTA for the attack to
> succeed. This probably means that open relays and ISP SMTP servers are
> more vulnerable than purely incoming SMTP servers.
>
> I am just trying to make sense of the advisory and the possible threat
> of exploit.
I didn't understand at first, either. As I attributed it to the DATA part
of the message. Apparently sendmail is smart enough to prevent the message
from not reaching the other side due to breakage using this. But I don't
get it completely yet.
Gadi.
>
>
> Thanks,
>
> - Siddhartha
>
[ reply ]