Overview
Due to a problem parsing carriage return/line feeds in RFC822 format mail messages, The Bat! mail client may permaturely detect the end of a mail message, causing an error to occur. This error may prevent the mail user from retrieving other mail messages until the message with the error is removed.
Description
Because The Bat! may incorrectly accept a carriage return as a carriage return/line feed pair, a valid RFC822 message containing isolated carriage returns may cause The Bat! to prematurely identify the end of a mail message. Subsequent lines in the body of the message may cause The Bat! to generate an error message. Since the email message was not successfully retrieved, it is not deleted from the POP3 or IMAP server, causing a similiar error on subsequent attempts to retrieve mail. |
Impact
By injecting a malicious message into a user's mailstream (sending it to their POP3 or IMAP server) an attacker can cause that user to be unable to retrieve their mail until the offending message is removed. This may require the user's mail administrator to intervene. |
Solution
Upgrade Your Mail Client The Bat! v1.42 Beta/10 released Sat, 21 Apr 2001 fixes this problem. |
Remove Malicious Mail Messages Using Another Mail Client |
Vendor Information
CVSS Metrics
| Group | Score | Vector |
|---|---|---|
| Base | ||
| Temporal | ||
| Environmental |
References
Acknowledgements
This problem appears to have been discovered by a researcher at security.nnov.ru.
This document was written by Cory F. Cohen.
Other Information
| CVE IDs: | CVE-2001-0675 |
| Severity Metric: | 1.62 |
| Date Public: | 2001-04-25 |
| Date First Published: | 2001-06-01 |
| Date Last Updated: | 2001-08-30 20:21 UTC |
| Document Revision: | 8 |