[15894] in bugtraq
quick Postfix check for Outlook date exploit
daemon@ATHENA.MIT.EDU (Mark Lastdrager)
Fri Jul 21 17:21:00 2000
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-Id: <Pine.GSO.4.21.0007211827070.5234-100000@atro.pine.nl>
Date: Fri, 21 Jul 2000 18:34:58 +0200
Reply-To: mark@security.nl
From: Mark Lastdrager <mark@SECURITY.NL>
To: BUGTRAQ@SECURITYFOCUS.COM
Hi,

With a little help from Koos van den Hout I made a small header_check
for Postfix to prevent people from exploiting the latest Outlook
bug. A quick test shows it works but don't come complaining when it
doesn't ;-)

In your main.cf put this line:

    header_checks = regexp:/etc/postfix/header_checks

(path depends on where your postfix config lives)

In header_checks put:

    /^Date:.{60,}$/ REJECT

This will reject messages with a date line longer than 60 chars.
Don't forget postfix reload ;-)
Mark Lastdrager
Pine Internet
--
email: mark@lastdrager.nl :: ML1400-RIPE :: tel. +31-70-3111010
http://www.pine.nl :: RIPE RegID nl.pine :: fax. +31-70-3111011
PGP key ID 92BB81D1 :: Dutch security news @ http://security.nl
Today's excuse: because of network lag due to too many people playing
deathmatch
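
The header_checks table above, exercised offline as an added example (not part of the original message): a small Python approximation of a Postfix regexp table that shows which Date headers the rule accepts and where the rejection threshold falls. It assumes Python's `re` behaves like Postfix's regex engine for this pattern; the helper names and sample headers are constructed for illustration.

```python
import re

# Table contents exactly as given in the message above.
HEADER_CHECKS = "/^Date:.{60,}$/ REJECT\n"

# One rule per line: /pattern/flags action
RULE = re.compile(r"^/(?P<pat>.*)/(?P<flags>[a-z]*)\s+(?P<action>.+)$")

def load_table(text):
    """Parse '/pattern/flags action' lines; skip blanks and '#' comments."""
    rules = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        m = RULE.match(line)
        if not m:
            raise ValueError(f"unparsed rule: {line!r}")
        # regexp_table(5): matching is case-insensitive by default and
        # the 'i' flag toggles that off.
        flags = 0 if "i" in m["flags"] else re.IGNORECASE
        rules.append((re.compile(m["pat"], flags), m["action"]))
    return rules

def check_header(rules, header):
    """Return the action of the first matching rule, or None (accept)."""
    for pattern, action in rules:
        if pattern.search(header):
            return action
    return None

def first_rejected_length(rules, name="Date:"):
    """Smallest total header length the table rejects (filler is constructed)."""
    for n in range(1000):
        if check_header(rules, name + "A" * n) == "REJECT":
            return len(name) + n
    return None

if __name__ == "__main__":
    rules = load_table(HEADER_CHECKS)
    samples = [  # constructed test headers
        "Date: Fri, 21 Jul 2000 18:34:58 +0200",
        "Date: Fri, 21 Jul 2000 18:34:58 +0200 (W. Europe Daylight Time)",
        "date:" + "A" * 60,      # lower-case header name, filler value
        "X-Date:" + "A" * 80,    # different header, pattern is anchored
    ]
    for h in samples:
        print(f"{check_header(rules, h) or 'accept':7} len={len(h):3} {h[:45]}")
    print("first rejected total length:", first_rejected_length(rules))
```

On a live server, `postmap -q "Date: ..." regexp:/etc/postfix/header_checks` runs the same kind of query against the real table.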