MIME::tools Malware Detection Bypass

2004-11-02T16:07:26
ID OSVDB:11339
Type osvdb
Reporter Julian Field(), Stephane Lentz()
Modified 2004-11-02T16:07:26

Description

Vulnerability Description

MIME::Tools contains a flaw that may allow some malware to bypass certain scanning functionality. The issue is due to an error when parsing an empty "boundary" attribute in the "Content-Type" header. It is possible that the flaw may allow some malware to bypass certain scanning functionality, resulting in a loss of integrity.

Solution Description

Upgrade to version 5.415 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

MIME::Tools contains a flaw that may allow some malware to bypass certain scanning functionality. The issue is due to an error when parsing an empty "boundary" attribute in the "Content-Type" header. It is possible that the flaw may allow some malware to bypass certain scanning functionality, resulting in a loss of integrity.

References:

Vendor URL: http://www.mimedefang.org/node.php?id=48 Vendor Specific Advisory URL Secunia Advisory ID:13064 Secunia Advisory ID:13077 Secunia Advisory ID:13051 Other Advisory URL: http://www.mandrakesoft.com/security/advisories?name=MDKSA-2004:123