RSS News Feed News Feed XML News Feed

Home

A.P.B.

Designs

Virus

Exploits

Primers

Definitions

Movies

Police Forces

Home > Exploits > Software/Hardware > Symantec Brightmail AntiSpam Denial of Service Vulnerabilities

 

Vulnerability: Symantec Brightmail AntiSpam Denial of Service Vulnerabilities

Secunia Advisory: SA16733

CVE: not yet available

Credit: reported by vendor

Vulnerable: Symantec Brightmail AntiSpam v. 6.x

Patch: A vendor-supplied patch is available

 

A remote attacker can launch a Denial of Service attack (DoS) due to an error by the anti-virus scanner when processing deeply nested zip files.  This attack is possible because the anti-virus scanner can take a really long period of time to fully scan or clean deeply nested zip files.  As well, if a message contains winmail.dat objects embedded in a MIME attachment, this can be exploited to crash the decomposer due to an error in its handling of these messages.

 

 

Copyright (c) 2005, 2008  A. Ryan Robbins.  All Rights Reserved.

 

 

Google
 
Web ycopfiles.com

 

 

Privacy

Copyright

About

Contact

Site Map

Blog Frog