Symantec Brightmail Anti-Spam Spamhunter crashes when trying to convert certain valid character sets to UTF, resulting in a denial-of-service condition.
Brightmail Anti-Spam Spamhunter is a spam filter designed for corporate environments. The Brightmail Anti-Spam Spamhunter module cannot parse the following character sets:
According to the notes included with Spamhunter Patch 132:
The character converters used by the Spamhunter and Language ID modules do not recognize certain valid character encoding sets, specifically ISO-8859-10, ISO-8859-13, ISO-8859-15 (Nordic), and CP866 (Russian). Previously, these modules assumed that a valid encoding meant the converter would recognize the character set. In the case of ISO-8859-10, when the converter did not recognize the character set, a crash would result.
If a remote attacker supplies the Brightmail Anti-Spam Spamhunter with a specially crafted email that is encoded with one of the character sets Spamhunter cannot parse (see list above), that attacker may be able to crash the service, resulting in a denial-of-service condition.
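The flaw described in the patch notes is a mismatch between "this charset name is valid" and "the converter supports it". The following added example (not Symantec's code) models that mismatch and a hardened conversion path; the converter table, the function names, the sample body and the fallback policy are all assumptions made for illustration.

```python
import codecs

# Constructed converter table: like the converter in the patch notes, it
# lacks some encodings whose names are nonetheless valid.
CONVERTERS = {"us-ascii": "ascii", "utf-8": "utf-8",
              "iso-8859-1": "latin-1", "koi8-r": "koi8_r"}
VALID_NAMES = set(CONVERTERS) | {"iso-8859-10", "iso-8859-13",
                                 "iso-8859-15", "cp866"}


def find_converter(label):
    """Return a CodecInfo for the label, or None if the converter lacks it."""
    codec = CONVERTERS.get(label.strip().lower())
    return codecs.lookup(codec) if codec else None


def to_utf8_unchecked(label, raw):
    """'Before' pattern: a valid name is taken as proof a converter exists."""
    if label.strip().lower() not in VALID_NAMES:
        raise ValueError("invalid charset label")
    conv = find_converter(label)
    # For ISO-8859-10 conv is None, so this line raises AttributeError,
    # standing in for the crash (the page does not describe the mechanism).
    return conv.decode(raw)[0].encode("utf-8")


def to_utf8_checked(label, raw):
    """Hardened pattern: returns (utf8_bytes, converter_was_found)."""
    conv = find_converter(label)
    if conv is None:
        # Fallback chosen for this example: keep ASCII, replace every other
        # byte with U+FFFD so scanning continues on a best-effort basis.
        return raw.decode("ascii", "replace").encode("utf-8"), False
    # "replace" also keeps malformed bytes in a known charset from raising.
    text, _ = conv.decode(raw, "replace")
    return text.encode("utf-8"), True


if __name__ == "__main__":
    body = b"caf\xe9"  # constructed sample body
    for label in ("ISO-8859-1", "ISO-8859-10", "CP866"):
        print(label, to_utf8_checked(label, body))
    try:
        to_utf8_unchecked("ISO-8859-10", body)
    except AttributeError as exc:
        print("unchecked path failed:", exc)
```

The boolean in the return value lets the caller log or quarantine messages whose declared charset had no converter instead of silently treating them as clean.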
This vulnerability was publicly reported by Symantec.
This document was written by Jeff Gennari.
Date First Published: 2005-01-05
Date Last Updated: 2005-01-05 21:16 UTC