Overview
Symantec Brightmail Anti-Spam Spamhunter crashes when trying to convert certain valid character sets to UTF, resulting in a denial-of-service condition.
Description
Brightmail Anti-Spam Spamhunter is a spam filter designed for corporate environments. The Brightmail Anti-Spam Spamhunter module cannot parse the following character sets:
According to the notes included with Spamhunter Patch 132: The character converters used by the Spamhunter and Language ID modules do not recognize certain valid character encoding sets, specifically ISO-8859-10, ISO-8859-13, ISO-8859-15 (Nordic), and CP866 (Russian). Previously, these modules assumed that a valid encoding meant the converter would recognize the character set. In the case of ISO-8859-10, when the converter did not recognize the character set, a crash would result.
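The failure mode described in the patch notes, modelled as an added example (this is not Symantec's code). The `VALID` and `CONVERTIBLE` sets, the function names and the sample message are constructed assumptions. `convert_unchecked` reproduces the "valid name implies a converter" assumption, and `convert_checked` shows the check-and-fall-back handling that keeps an unrecognized charset from stopping the scan.

```python
import codecs
from email import message_from_bytes

# Constructed model: names the validator accepts vs. names the converter handles.
VALID = {"utf-8", "us-ascii", "iso-8859-1", "iso-8859-10", "iso-8859-13",
         "iso-8859-15", "cp866"}
CONVERTIBLE = {"utf-8", "us-ascii", "iso-8859-1"}  # assumed smaller set

# Constructed sample message declaring one of the charsets named in the advisory.
SAMPLE = (b"From: sender@example.test\r\n"
          b"Content-Type: text/plain; charset=ISO-8859-10\r\n"
          b"Content-Transfer-Encoding: 8bit\r\n\r\n"
          b"hei \xe5\r\n")


def convert_unchecked(body, charset):
    """Pre-patch assumption: a valid charset name always has a converter."""
    if charset not in VALID:
        raise ValueError("invalid charset")
    table = {name: codecs.lookup(name) for name in CONVERTIBLE}
    # Unhandled KeyError for iso-8859-10: the analogue of the crash.
    return table[charset].decode(body)[0]


def convert_checked(body, charset):
    """Return (text, converted); never raises on an unrecognized charset."""
    name = (charset or "us-ascii").strip().lower()
    if name in CONVERTIBLE:
        try:
            return codecs.lookup(name).decode(body, "replace")[0], True
        except LookupError:
            pass  # table and runtime disagree: treat as unrecognized
    # No converter: keep the ASCII bytes, replace the rest, tell the caller.
    return body.decode("ascii", "replace"), False


def scan(raw):
    """Parse a raw message and convert its body without trusting the charset."""
    msg = message_from_bytes(raw)
    charset = msg.get_content_charset() or "us-ascii"
    return convert_checked(msg.get_payload(decode=True), charset)


if __name__ == "__main__":
    print(scan(SAMPLE))
```

The `converted` flag lets the caller log or quarantine messages that could not be converted while the filter keeps processing the queue.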
Impact
If a remote attacker supplies the Brightmail Anti-Spam Spamhunter with a specially crafted email that is encoded with one of the character sets Spamhunter cannot parse (see list above), that attacker may be able to crash the service, resulting in a denial-of-service condition.
Solution
Apply Patch
Acknowledgements
This vulnerability was publicly reported by Symantec.
This document was written by Jeff Gennari.
Other Information
| CVE IDs: | None |
| Severity Metric: | 3.00 |
| Date Public: | 2004-12-17 |
| Date First Published: | 2005-01-05 |
| Date Last Updated: | 2005-01-05 21:16 UTC |
| Document Revision: | 62 |