[Exim] virurstest.org test #19

Page principale
Supprimer ce message
Répondre à ce message
Auteur: David
Date:  
À: Exim Users
Sujet: [Exim] virurstest.org test #19
Hi !!

I was trying the tests a www.virustest.org and noticed that
test #19 "Blank Folding Vulnerability" , which sends an email
with a header line that contains only one white space or tab
makes exim think that headers terminate at that line. Altough
the resulting message is broken as exim breaks the headers at
that point, making the virus 'unusable', this makes not possible
to detect that circumstance using match on $message_headers and
prevents the viruscannner to detect the virus, so the broken
message reaches the end user. Any way to detect this vulnerability ?

--
Thanx & best regards ...

George Orwell was an optimist.

----------------------------------------------------------------
    David Saez Padros                http://www.ols.es
    On-Line Services 2000 S.L.       e-mail  david@???
    Pintor Vayreda 1                 telf    +34 902 50 29 75
    08184 Palau-Solita i Plegamans   movil   +34 670 35 27 53
----------------------------------------------------------------