Symantec Brightmail AntiSpam: winmail.dat File, Denial of Service
SUMMARY
Risk Impact | Low |
Remote Access | Yes (incoming mail) |
Local Access | No |
Authentication Required | No |
Exploit publicly available | NA |
AFFECTED PRODUCTS
Product | Version | Build | Platform | Solution |
Symantec Brightmail AntiSpam | 6.0 | 1 | RedHat Linux | |
Symantec Brightmail AntiSpam | 6.0 | 2 | RedHat Linux | |
Symantec Mail Security 8200 Series Appliance | All | All | NA | Automatic Update available (build 4.1.0-58) |
ADDITIONAL PRODUCT INFORMATION
Note: Customers with product versions prior to 6.0.1 are encouraged to upgrade to the latest product version.
Non-Affected Products
Product | Version | Build | Solution |
Symantec Brightmail AntiSpam | Win32 | All | All |
Symantec Brightmail AntiSpam | Win32 | All | All |
ISSUES
Details
A potential Denial of Service issue has been identified and fixed in the Symantec Brightmail AntiSpam product. This issue occurs only when processing specific malformed winmail.dat files on RedHat Linux systems.
MITIGATION
Symantec Response
An update for Symantec Brightmail AntiSpam Versions 6.0.1 and 6.0.2 on RedHat Linux has been released and can be downloaded from the following location:
ftp://ftp.symantec.com/public/english_us_canada/products/sba/sba_60x/updates/patch157.zip
An update for the Symantec Mail Security 8200 Series Appliance is available through its software update feature.
Symantec is not aware of any active attempts against or customers impacted by this issue.
As a part of normal best practices, users should keep vendor-supplied patches for all application software and operating systems up-to-date. Symantec strongly recommends any affected customers update their product immediately to protect against these types of threats.