Corsaire Identify Multiple Vulnerabilities In Core MIME Protocol
Woking — 13 September 2004 —Corsaire (http://www.corsaire.com), a global leader in information security solutions and vulnerability research, have today announced the publication of a collection of eight technical advisories detailing implementation issues in the core MIME protocol used within email and web products.
The Multipurpose Internet Mail Extensions (MIME) are used in a variety of areas, but most commonly in Email clients, Web browsers, Anti-virus products, Mail content checkers and Web content checkers. The vulnerabilities centre on the ability of these products to cope with malformed MIME constructs and could if exploited allow attackers to bypass content checking and antivirus tools.
Corsaire advise the infosecurity community to treat this with particular concern at the present time as this kind of deliberate corruption has already been used by a number of high-profile viruses and worms, such as Nimda, Netsky and Badtrans.
The issues were discovered in the period between June and August 2003, and Corsaire have worked throughout the last year in partnership with the UK NISCC team to ensure that the affected vendors have had access to the relevant information and tools to reproduce and correct the issues.
Martin O’Neal, Technical Director at Corsaire comments, “Unlike other security companies actively performing research, Corsaire do not produce a range of own-brand security software products that rely on the output. Because of this, we are under no internal pressure to release our research prematurely and can engage in longer-term relationships with the vendors and community at large to help solve their problems.”
Indeed many security vendors have already silently released patched versions of their software in the last year, and anyone who is in doubt as to the status of the products used within their environment are urged to contact their vendors for a statement in this regard.
Of the partnership with NISCC O’Neal says, “The ongoing Corsaire / NISCC partnership is really delivering value for all parties concerned. It allows us to concentrate on our core consultancy, whilst the vendors and critical national infrastructure gain access to the information they need in a timely fashion. Everyone benefits.”