Posts Tagged ‘DKIM’

Vulnerability

e-mail server Exim

Developers of the Exim mail server reported that all versions from 4.70 and 4.80 inclusive ending, found a vulnerability that may allow a remote attacker theoretically get full access to the system is running Exim.

The vulnerability is manifested in the subsystem configurations DKIM, which is enabled by default, and is present in most assemblies Exim in different distributions.

Error is found in the code with the implementation of an authentication protocol authentication e-mail messages DKIM (DomainKeys Identified Mail) and is manifested by the lack of sufficient test data returned by the remote DNS-server, which allows the execution of arbitrary code when decoding specially decorated DNS-response. To exploit the vulnerability to send email from the domain that is serviced controlled attackers DNS-server, and the server’s request to return the victim’s specially modified DNS-response. (more…)

E-mail services vulnerable

E-mail Services

Companies Google, Microsoft, Yahoo!, PayPal and eBay recently eliminated a gap in a cryptographic system to e-mail services, which allowed hackers to forge a digital signature and send them messages purportedly from the employees of these companies.

The vulnerability exists in the system DomainKeys Identified Mail (DKIM), which is used by e-mail providers to make special reports cryptographic signature. This signature confirms the domain name of the sender, which simplifies the process of filtering malicious messages.

DKIM implementation issue was that if the amount of the signature key is less than 1024 bits, if sufficient computing power can be forged. US-CERT has confirmed in the notice that the keys are shorter than 1.024 bits do not provide a sufficient level of security, and that all the keys up to RSA-768 can be forged. (more…)