Bugtraq mailing list archives
Re: Another possible RFC 2046 vulnerability.
From: Earl Hood <earl () earlhood com>
Date: Mon, 30 Sep 2002 18:31:11 -0500
On September 27, 2002 at 13:01, Jose Marcio Martins da Cruz wrote:
What's interesting is that in this case the message and the malicious code passes through two different network paths : messages is sent by mail and the malicious code will be get by receiver by anonymous ftp. In the case of previous vulnerability (fragmented message), message and malicious code uses the same network path. Classical mail server virus scanners will never see the malicious code pass through it, as they will never have available entire malicious code.
Since the external-body type uses other standard network protocols, then the security policies of a company for other protocols (like ftp) would take effect. It is no different than if someone sends a message to someone saying "go download ftp://....".
I can't say anything about others mail clients, as I'm sick at home and I have no access to other MUAs.
The venerable MH, and its successor nmh, support the message/external-body type. The only real security risk is if a badly designed MUA automatically retrieves the data specified in a message/external-body (and RFC 2046 gives a warning about this). Otherwise, it poses the same security problems as someone including a URL in a regular mail message (which many MUAs automatically convert into a hyperlink). --ewh P.S. You may be interested in RFC 2017 that defines the URL access type for message/external-body.
Current thread:
- Re: Another possible RFC 2046 vulnerability. Earl Hood (Oct 01)