ripMIME Attachment Extraction Bypass

2004-07-30T00:00:00
ID OSVDB:8287
Type osvdb
Reporter Paul L Daniels(pldaniels@pldaniels.com)
Modified 2004-07-30T00:00:00

Description

Vulnerability Description

ripMIME contains a flaw related to premature termination of base64 decoding caused by MIME data that contains invalid characters, which may allow an attacker to bypass filtering software. No further details have been provided.

Solution Description

Upgrade to version 1.3.2.3 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

ripMIME contains a flaw related to premature termination of base64 decoding caused by MIME data that contains invalid characters, which may allow an attacker to bypass filtering software. No further details have been provided.

References:

Vendor URL: http://www.pldaniels.com/ripmime/ Secunia Advisory ID:12201 Other Advisory URL: http://www.pldaniels.com/ripmime/CHANGELOG ISS X-Force ID: 16867 CVE-2004-2619 Bugtraq ID: 10848