[Tickets #14748] Re: mailsploit vulnerability
noreply at bugs.horde.org
noreply at bugs.horde.org
Wed Dec 6 12:23:32 UTC 2017
BITTE NICHT AUF DIESE NACHRICHT ANTWORTEN. NACHRICHTEN AN DIESE
E-MAIL-ADRESSE WERDEN NICHT GELESEN.
Ticket-URL: https://bugs.horde.org/ticket/14748
------------------------------------------------------------------------------
Ticket | 14748
Aktualisiert Von | sca at andreasschulze.de
Zusammenfassung | mailsploit vulnerability
Warteschlange | IMP
Version | 6.2.21
Typ | Bug
Status | Unconfirmed
Priorität | 1. Low
Milestone |
Patch |
Zuständige |
------------------------------------------------------------------------------
sca at andreasschulze.de (2017-12-06 12:23) hat geschrieben:
> many client are affected by 'mailsploit': https://www.mailsploit.com/index
>
> Basically the attacker uses special characters inside encoded words
> to spoof the sender:
>
> From:
> =?utf-8?b?cG90dXNAd2hpdGVob3VzZS5nb3Y=?==?utf-8?Q?=00?==?utf-8?b?cG90dXNAd2hpdGVob3VzZS5nb3Y=?=@mailsploit.com
>
> Such header naively decoded incorrectly is:
> potus at whitehouse.gov\0potus at whitehouse.gov@mailsploit.com
>
> IMP fail to decode / parse the RFC5322.From Header correctly
there is a MAAWG Recommendation document:
https://www.m3aawg.org/sites/default/files/m3aawg-unicode-best-practices-2016-02.pdf
More information about the bugs
mailing list