Bugtraq: Re: Corsaire Security Advisory - Multiple vendor MIME RFC2047 encoding issue

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Bugtraq mailing list archives

Re: Corsaire Security Advisory - Multiple vendor MIME RFC2047 encoding issue

From: "David F. Skoll" <dfs () roaringpenguin com>
Date: Wed, 15 Sep 2004 14:51:06 -0400 (EDT)

On Wed, 15 Sep 2004, David Covin wrote:

Two points:

It's fair to argue
that canonicalizing is the more useful policy, but not that it is the
only secure one.


Fair enough, with the caveat that it's probably easier to canonicalize
than to detect all MIME messages that might possibly be misinterpreted.

2. Your logic sounds convincing, but interposing a proxy that
systematically changes incoming messages raises red flags in my mind.


Indeed.

Yours is a more sophisticated approach, but I still see the
potential for strange interactions between the gateway security
product's MIME implementation and those of sending and receiving
programs.  Have you found this to be a problem, for those who've
been using this filter?


I have run into some problems, which is why the canonicalization is
disabled by default.

Regards,

David.

By Date By Thread

Current thread:

Corsaire Security Advisory - Multiple vendor MIME RFC2047 encoding issue advisories (Sep 14)
- Re: Corsaire Security Advisory - Multiple vendor MIME RFC2047 encoding issue David F. Skoll (Sep 15)
  - Re: Corsaire Security Advisory - Multiple vendor MIME RFC2047 encoding issue David Covin (Sep 15)
    - Re: Corsaire Security Advisory - Multiple vendor MIME RFC2047 encoding issue David F. Skoll (Sep 16)
    - Re: Corsaire Security Advisory - Multiple vendor MIME RFC2047 encoding issue Borja Marcos (Sep 17)
    - Re: Corsaire Security Advisory - Multiple vendor MIME RFC2047 encoding issue Greg A. Woods (Sep 18)