
Re: [Simple] <note> in IMDN



Because it is unconstrained and by definition free-form.

On May 20, 2008, at 7:22 PM, Hisham Khartabil wrote:

> On 21/05/2008, Dean Willis <dean.willis at softarmor.com> wrote:
>>
>> On May 13, 2008, at 11:38 PM, Hisham Khartabil wrote:
>>
>>> Can you explain how it is an attack vector?
>>>
>>
>>
>> Unconstrained rich content is one of the most easily exploited attack
>> vectors.
>
> How is this different from every other header or part of an XML body
> in SIP, MSRP, IMPP or any other protocol that allows text to be
> entered in a field? Why is this particular <note> giving people grief?
>
>>
>> Buffer overrun attacks as well as all of the typical MIME
>> compound-component attacks are likely. For example, the common JPEG
>> vulnerabilities might be exploitable:
>>
>> http://www.news.com/Image-virus-spreads-via-chat/2100-7349_3-5390463.html
>>
>>
>> Or the content-execution weakness that caused the Macintosh Safari
>> browser to be most easily exploited in recent hacking contests:
>>
>> http://www.engadget.com/2007/07/23/safari-exploit-gives-hackers-full-control-of-your-iphone/
>>
>>
>> There have also been exploits against QuickTime, Flash, and most other
>> plugin components from time to time.
>>
>> --
>> Dean
>>

_______________________________________________
Simple mailing list
Simple at ietf.org
https://www.ietf.org/mailman/listinfo/simple