On Thu, 16 Sep 2004, Rudolph Pereira wrote:

> Does this fix any of the issues raised in the most recent MIME
> vulnerability advisories from Corsaire
> (http://www.corsaire.com/news/040913-mime.html), etc?

Yes and no.

The Corsaire advisory was an essentially content-free PR stunt.
See my reply on the Bugtraq list (unfortunately, I cannot provide
a URL right now, because securityfocus.com appears to be dead.)

Basically, MIME-tools itself is neither vulnerable nor not-vulnerable
to these issues -- it's just a library.  The vulnerability lies in how
you use it.

Bottom line:  To avoid being bitten by malformed MIME, always call
"action_rebuild()" for any mail that you pass on.  This does have
certain negative side-effects, such as increased CPU time and possible
breakage of S/MIME.  See the comments in the sample filter that comes
with MIMEDefang.

Regards,

David.
_______________________________________________
Visit http://www.mimedefang.org and http://www.canit.ca
MIMEDefang mailing list
[EMAIL PROTECTED]
http://lists.roaringpenguin.com/mailman/listinfo/mimedefang
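
Why rebuilding helps and why it can break S/MIME, shown with Python's standard `email` package rather than MIME-tools. This is an added illustration, not code from this message or from MIMEDefang; the sample message and the `parse`, `defects` and `rebuild` helpers are constructed here.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage

# Constructed sample: multipart mail whose closing "--b1--" delimiter is missing.
RAW = (
    b"From: a@example.org\r\nTo: b@example.org\r\n"
    b"Subject: constructed sample\r\n"
    b"MIME-Version: 1.0\r\n"
    b'Content-Type: multipart/mixed; boundary="b1"\r\n'
    b"\r\n"
    b"--b1\r\n"
    b"Content-Type: text/plain; charset=us-ascii\r\n"
    b"\r\n"
    b"hello\r\n"
    b"--b1\r\n"
    b"Content-Type: application/octet-stream\r\n"
    b'Content-Disposition: attachment; filename="x.bin"\r\n'
    b"Content-Transfer-Encoding: base64\r\n"
    b"\r\n"
    b"AAEC\r\n"
)

def parse(raw):
    return message_from_bytes(raw, policy=policy.SMTP)

def defects(msg):
    """Names of the parser defects recorded on a message and its parts."""
    return [type(d).__name__ for part in msg.walk() for d in part.defects]

def rebuild(raw):
    """Re-serialize only what the parser understood, with fresh MIME framing."""
    seen = parse(raw)
    out = EmailMessage(policy=policy.SMTP)
    for name in ("From", "To", "Subject"):
        if seen[name] is not None:
            out[name] = str(seen[name])
    out["MIME-Version"] = "1.0"
    for part in seen.walk():
        if part.is_multipart():
            continue
        # Every leaf is re-encoded as base64 (a simplification for this example).
        out.add_attachment(part.get_payload(decode=True),
                           maintype=part.get_content_maintype(),
                           subtype=part.get_content_subtype(),
                           filename=part.get_filename())
    return out.as_bytes()

if __name__ == "__main__":
    rebuilt = rebuild(RAW)
    print("before:", defects(parse(RAW)))
    print("after: ", defects(parse(rebuilt)))
    print("bytes changed, so a signature over the original fails:", rebuilt != RAW)
```

The rebuilt message carries the structure the filter actually inspected, so a downstream client cannot interpret the malformed original differently; the changed bytes are the reason a signature computed over the original no longer verifies.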
