funsec mailing list archives
Re: 2 critical vulns and the clock is ticking.. [Fwd: [EEYEB-2000801]]
From: Matthew Murphy <mattmurphy () kc rr com>
Date: Tue, 10 Jan 2006 18:01:48 -0600
Gadi Evron wrote:
> OK, so we have an advisory for this. Fun.
> Any idea about the NGSsoftware one?
> Gadi.

It appears that NGSSoftware's report is related to the TNEF functionality that supports embedding COM/OLE/ActiveX objects into RTF e-mail. The MS bulletin states that TNEF files can contain "malicious OLE objects" which I take to mean you can embed items that, when viewing of them is triggered, execute code that may not be safe for a mail-reading environment. Exactly what that has to do with Exchange Server's role in processing routed TNEF-encoded e-mail, I have no idea.

TNEF is only used to encode e-mail in Microsoft's proprietary "Rich Text" format, which is a heavily-extended RTF. Due to the information leakage and incompatibility of TNEF with standards-compliant e-mail readers, most servers and most users shouldn't have a need to send or receive RTF e-mail with attached TNEF formatting information.

Stripping the relevant MIME type (I believe, application/x-ms-tnef) should be sufficient. It will reduce potentially-nasty RTF-encoded e-mail to standard plain text.

--
"Social Darwinism: Try to make something idiot-proof, nature will provide you with a better idiot." -- Michael Holstein
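The mitigation suggested in the message above, sketched as an added example (not part of the original post and not any mail server's own code): a Python filter that drops TNEF parts from a multipart message and keeps everything else. The name `strip_tnef` and the sample message are constructed here, and the type set is an assumption that includes `application/ms-tnef` (the IANA-registered name) alongside the `application/x-ms-tnef` named in the post.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

# Assumption: match the registered name plus the variant named in the post.
TNEF_TYPES = {"application/ms-tnef", "application/x-ms-tnef",
              "application/vnd.ms-tnef"}


def strip_tnef(raw: bytes):
    """Return (cleaned_message_bytes, number_of_parts_removed)."""
    msg = message_from_bytes(raw, policy=policy.default)
    removed = 0
    for part in msg.walk():
        # Only real multipart containers hold sibling parts to filter;
        # message/rfc822 wrappers are left alone and walked into.
        if part.get_content_maintype() != "multipart":
            continue
        children = part.get_payload()
        if not isinstance(children, list):
            continue  # malformed multipart that parsed as a single blob
        kept = [c for c in children if c.get_content_type() not in TNEF_TYPES]
        removed += len(children) - len(kept)
        part.set_payload(kept)  # walk() then descends only into kept parts
    return msg.as_bytes(), removed


def sample_message() -> bytes:
    """Constructed sample: plain-text body plus a placeholder winmail.dat."""
    m = EmailMessage()
    m["From"] = "sender@example.com"
    m["To"] = "rcpt@example.com"
    m["Subject"] = "constructed sample"
    m.set_content("plain text body\n")
    m.add_attachment(b"constructed placeholder bytes, not real TNEF",
                     maintype="application", subtype="ms-tnef",
                     filename="winmail.dat")
    return m.as_bytes()


if __name__ == "__main__":
    cleaned, count = strip_tnef(sample_message())
    print(f"removed {count} TNEF part(s)")
    print(cleaned.decode("ascii", "replace"))
```

Removing a part from inside a `multipart/signed` container invalidates that signature, so a filter like this is normally applied at the gateway before any downstream signature checks.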