From: -mat- filid brandy (brandyKLAMMERAFFE.ORG)
Date: Sat Apr 21 2001 - 13:19:00 CDT

    This is a forwarded message
    From: Bat Registrierservice <bathelpis-web.com>
    To: GardenStoneboudicca.de <GardenStoneboudicca.de>
    Date: Saturday, April 21, 2001, 5:34:36 PM
    Subject: The Bat! - Error report [BUG-F8FEFAE1]

    ===8<==============Original message text===============
    ____________________________________________________________________
    Message from: Friday, 20 April 2001 <11:21>
    Subject: The Bat! - Error report [BUG-F8FEFAE1]
    Handled by: dhu <21.04.2001 - 17:32> Dieter Hummel
    Status: done5e
    ____________________________________________________________________

    Reply from Ritlabs:

      This is not a bug of The Bat! but a bug of MTA (POP3/SMTP servers)
      that allow such odd messages. The proposed "bad-message"
      (http://www.security.nnov.ru/files/badmess.zip) is not
      RFC-compliant. Any RFC-compliant POP3/SMTP server must either bounce
      or cure it. I've used a proposed example to send the message to
      myself, on a FreeBSD server with Sendmail 8.11.1 I've typed
      cat badmess | sendmail -U maxritlabs.com

      This message has been received by a KSI-Linux server with sendmail
      8.8.8 and the POP3 to retrieve was Marc Crispin's daemon v2000.69.

      The message has been received with orphaned LFs replaced with CR-LF
      pairs. Some MTA software in transit has cured the message.

      The Bat! could bounce such odd messages but it doesn't do it
      intentionally because there are some odd mail servers that use a
      single LF as a line ending. These servers, however, will quote the
      dot in the end of line and the proposed "bad-message" won't work
      with them either.

     ...and another one shortly afterwards:

      I have, however, made The Bat! handle CR and LF strictly, to avoid
      this vulnerability.


    Kind regards
    Integrated Services GbR
    Official German representative of RITLabs SRL, Moldava
    Authorized The Bat! registration and support service

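Added example, not part of the forwarded message and not code from The Bat! or Ritlabs: a sketch of the line-ending handling the reply describes, showing how a reader that accepts a bare LF as a line ending and a strict CR-LF reader disagree about where a message ends, and how curing orphaned LFs before delivery removes the disagreement. It assumes the problem message relies on a lone "." between bare LFs (the reply's remark about dot quoting suggests this; the page does not show the file); the function names and the sample message are constructed for illustration.

```python
import re

_BARE = re.compile(rb"\r(?!\n)|(?<!\r)\n")  # CR without LF, or LF without CR

# Constructed sample message: the body holds a lone "." between bare LFs.
RAW = b"Subject: test\r\n\r\nfirst part\n.\nsecond part\r\n"

def bare_offsets(msg):
    """Offsets of orphaned CR/LF bytes; a non-empty list means bounce or cure."""
    return [m.start() for m in _BARE.finditer(msg)]

def cure(msg):
    """Replace every orphaned CR or LF with a CR-LF pair."""
    return _BARE.sub(b"\r\n", msg)

def pop3_send(msg):
    """Server side (RFC 1939): dot-stuff CRLF-delimited lines, append terminator."""
    lines = msg.split(b"\r\n")
    if lines[-1] == b"":
        lines.pop()
    stuffed = [b"." + ln if ln.startswith(b".") else ln for ln in lines]
    return b"\r\n".join(stuffed) + b"\r\n.\r\n"

def pop3_read(wire, strict):
    """Client side: return (message, unread bytes).
    strict=True accepts only CRLF as a line ending; strict=False also bare LF."""
    eol = re.compile(rb"\r\n" if strict else rb"\r?\n")
    out, pos = [], 0
    for m in eol.finditer(wire):
        line, pos = wire[pos:m.start()], m.end()
        if line == b".":                      # end-of-message marker
            return b"\r\n".join(out) + b"\r\n", wire[pos:]
        out.append(line[1:] if line.startswith(b".") else line)
    raise ValueError("terminator not found")

if __name__ == "__main__":
    wire = pop3_send(RAW)
    print("bare line endings at", bare_offsets(RAW))
    print("strict :", pop3_read(wire, strict=True))
    print("lenient:", pop3_read(wire, strict=False))
    print("cured  :", pop3_read(pop3_send(cure(RAW)), strict=False))
```

With the uncured sample the lenient reader stops after "first part" and leaves the remainder unread in the stream, while the strict reader returns the whole message; after `cure()` the server stuffs the dot and both readers return the same bytes.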