/>
X

NISSC warns over MIME flaws

The UK's equivalent of CERT has issued a public warning over gateway security products that use the MIME protocol
zd-defaultauthor-dan-ilett.jpg
Written by Dan Ilett on
The National Infrastructure Security Coordination Centre (NISCC) has released details of hundreds of serious flaws in security products that use the MIME protocol.

Security consultancy firm Corsaire found more than 800 vulnerabilities in what it described as "the top 10" gateway protection products. MIME encodes email attachments and Internet file transfers on HTTP.

"[Vendors] say that the world is wonderful and that they'll protect you from everything," said Martin O'Neil, technical director for Corsaire. "But there have been a number of viruses and worms that get around the MIME protocol."

The firm warned NISCC of 190 attack vectors from 14 core issues with the Multi-Purpose Internet Mail Extensions protocol.

If exploited, the vulnerabilities could allow hackers to bypass content checking and antivirus tools Before going public with the research today, NISCC warned firms last year of the problem, and as a result, many vendors have already prepared patches.

"NISCC has done a really good job of communicating this to vendors. If people have been patching properly, they'll be OK," said Martin O'Neil, technical director for Corsaire.

Corsaire said there were around 100 gateway security products including antivirus, mail content checkers and Web filtering.

The vulnerabilities were found between June and August 2003.

Related

Delta Air Lines just made an embarrassing announcement (you may be livid)
screen-shot-2022-06-22-at-3-50-54-pm.png

Delta Air Lines just made an embarrassing announcement (you may be livid)

Business
US weather, climate forecasting is about to get way better
screen-shot-2017-09-07-at-1.jpg

US weather, climate forecasting is about to get way better

Innovation
On July 12, we'll see the universe like never before
51656393132-ca88bc21e3-k

On July 12, we'll see the universe like never before

Space