bogofilter quoted-printable decoder denial of service

bogofilter-dos (17916)

Low Risk

Description:

bogofilter is a Spam filter for email clients running on Linux and Unix-based operating systems. bogofilter stable versions 0.92.6, 0.92.4, 0.92.0, and 0.17.5, and current versions 0.17.4 through 0.92.7 are vulnerable to a denial of service attack, caused by improper validation of user-supplied input in the quoted printable decoder when handling linefeeds in encoded words. A remote attacker could send a malicious email containing a specially-crafted header to cause the filter to crash.

Platforms Affected:

• Canonical, Ubuntu 4.10
• Novell, Linux Desktop 9
• SourceForge, bogofilter 0.17.4 to 0.92.7
• SourceForge, bogofilter 0.17.5 - stable
• SourceForge, bogofilter 0.92.0 - stable
• SourceForge, bogofilter 0.92.4 - stable
• SourceForge, bogofilter 0.92.6 - stable
• SuSE, SuSE Linux 9.1
• SuSE, SuSE Linux 9.2
• SuSE, SuSE Linux Enterprise Server 9.0

Remedy:

Upgrade to the latest version of bogofilter (0.92.8 or later), available from the SourceForge.net Web site. See References.

For Ubuntu Linux:
Upgrade to the latest bogofilter package (0.92.0-1ubuntu0.1 or later), as listed in USN-26-1 November 17, 2004. See References.

Consequences:

Denial of Service

References:

• bogofilter Web page, Project: bogofilter -- Fast Bayesian Spam Filter: Summary at http://sourceforge.net/projects/bogofilter/.
• SourceForge.net, Project: bogofilter -- Fast Bayesian Spam Filter: File List at http://sourceforge.net/project/showfiles.php?group_id=62265&package_id=59357&release_id=277823.
• BID-11568: Bogofilter EMail Filter Remote Quoted Printable Decoder Denial Of Service Vulnerability
• CVE-2004-1007: The quoted-printable decoder in bogofilter 0.17.4 to 0.92.7 allows remote attackers to cause a denial of service (application crash) via mail headers that cause a line feed (LF) to be replaced by a null byte that is written to an incorrect memory address.
• SUSE-SA:2004:040: samba: remote denial of service
• USN-26-1: bogofilter vulnerability

Reported:

Nov 01, 2004

The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

Copyright (c) 1994-2008 Internet Security Systems, Inc. All rights reserved worldwide.

For corrections or additions please email xforce@iss.net

Return to the main page