Preface: SMTP MIME null charsetLogo -Internet Security Systems

SMTP MIME null charset
advICE :Intrusions : 2001029
 FAQ
Oh my gosh, I'm being HACKED!!!
How do I report the hacker to my ISP?
I'm seeing lots of attacks, is this normal?
Summary

A malformed MIME header was seen, with an empty charset field. This may indicate an effort to subvert the e-mail server.

Details

MIME introduced some additional complexity into Internet mail processing. In the original Internet mail standard, the data could only be text; however, under MIME, the data could represent graphics, music, text (in any of a variety of languages), and so forth. There had to be a way for the mail to indicate what type of data it contains, directives for the mail server, and so forth. All of this information is conveyed via a special set of data at the start of a mail called MIME Headers.

This detection indicates that the MIME headers contains an empty charset field. An attack may be attempting to break into or crash a system via its SMTP server.

 more information
BugtraqID: 1869   Malformed MIME Header Vulnerability discussion
 
Patch Available for "Malformed MIME Header" Vulnerability  
 
RFC822   Standard for the format of ARPA Internet text messages
 
RFC2045   Multipurpose Internet Mail Extensions(MIME) Part One: Format of Internet Message Bodies
 
RFC2046   Multipurpose Internet Mail Extensions(MIME) Part Two: Media Types
 
RFC2047   Multipurpose Internet Mail Extensions(MIME) Part Three: Message Header Extensions for Non-ASCII Text
 
RFC2048   Multipurpose Internet Mail Extensions(MIME) Part Four: Registration Procedures
 
RFC2049   Multipurpose Internet Mail Extensions(MIME) Part Five: Conformance Criteria and Examples
  
 
Version appeared: 2.5
Privacy Policy |  Copyright Info