Subject: Sendmail MIME DoS vulnerability
Date: Tue, 20 Jun 2006 15:57:32 -0700
Message-ID: <2BA50DCEB0119849BCDD0BEB7EC5F9630271F16B@CA1EXCLV02.adcorp.kla-tencor.com.>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: Sendmail MIME DoS vulnerability
thread-index: AcaUvOmdxNlspH2nQCOeEEnG3IMsnw==
From: "Jain, Siddhartha" <Siddhartha.Jain@kla-tencor.com.>
To: <bugtraq@securityfocus.com.>
X-OriginalArrivalTime: 20 Jun 2006 22:57:32.0786 (UTC) FILETIME=[EA090520:01C694BC]
X-Proofpoint-Spam-Reason: safe
X-Virus-Scanned: antivirus-gw at tyumen.ru
Hi,
I am trying to understand how the below mentioned sendmail
vulnerability.=20
http://www.sendmail.com/security/advisories/SA-200605-01.txt.asc
The description says that the DoS occurs when sendmail goes in a deeply
nested malformed MIME message and uses the MIME 8-bit to 7-bit
conversion function. Under what conditions would sendmail use the MIME
8-bit to 7-bit function? Only when the remote MTA doesn't understand
8-bit MIME, right?
That would mean that a malicious user would have to force the victim MTA
to relay the malformed mail to a MIME 7-bit-only MTA for the attack to
succeed. This probably means that open relays and ISP SMTP servers are
more vulnerable than purely incoming SMTP servers.
I am just trying to make sense of the advisory and the possible threat
of exploit.
Thanks,
- Siddhartha
