@dkg
Created May 3, 2017 18:24
A description of 2017-7229: Vaultive O365 Content-Type Mangling

CVE-2017-7299

Vaultive O365 Content-Type Mangling

PGP/MIME encrypted messages injected into a Vaultive O365 frontend via IMAP or SMTP have their Content-Type changed from:

Content-Type: multipart/encrypted; protocol="application/pgp-encrypted"; boundary="abc123abc123"

to:

Content-Type: text/plain

This results in the encrypted message being structured in such a way that most PGP/MIME-capable mail user agents are unable to decrypt it cleanly.

The outcome is that encrypted mail passing through this device does not work (Denial of Service), and a common real-world consequence is a request to re-send the mail in the clear (Information Disclosure).
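As an added example (not part of the original advisory, and not Vaultive's or the discoverer's code), the following sketch shows how a recipient-side filter could recognize a message mangled in this way and rebuild the `multipart/encrypted` header so a PGP/MIME-capable MUA can process it again. The function names, the sample message and its placeholder armor body are constructed, and it assumes only the top-level Content-Type was rewritten while the body was left intact.

```python
import email
from email.message import Message
from itertools import takewhile

PGP_CT = 'multipart/encrypted; protocol="application/pgp-encrypted"; boundary="{}"'
# Constructed sample: PGP/MIME body intact, top-level header rewritten to text/plain.
MANGLED = """\
Subject: constructed test message
Content-Type: text/plain

--abc123abc123
Content-Type: application/pgp-encrypted

Version: 1
--abc123abc123
Content-Type: application/octet-stream

-----BEGIN PGP MESSAGE-----

[constructed placeholder, not real ciphertext]
-----END PGP MESSAGE-----
--abc123abc123--
"""

def embedded_pgp_boundary(body: str) -> "str | None":
    """Return the MIME boundary if body still holds a PGP/MIME structure."""
    lines = [ln.rstrip() for ln in body.splitlines()]
    for i, ln in enumerate(lines):
        if not ln.startswith("--") or f"{ln}--" not in lines:
            continue  # a real delimiter has a matching close delimiter
        part_headers = takewhile(bool, lines[i + 1:])  # up to the blank line
        if any(h.lower().replace(" ", "").startswith(
                "content-type:application/pgp-encrypted") for h in part_headers):
            return ln[2:]
    return None

def repair(raw: str) -> "Message | None":
    """Rebuild the multipart/encrypted header of a mangled message, else None."""
    msg = email.message_from_string(raw)
    body = msg.get_payload()
    if msg.get_content_type() == "multipart/encrypted" or not isinstance(body, str):
        return None  # header intact, nothing to repair
    boundary = embedded_pgp_boundary(body)
    if boundary is None:
        return None  # ordinary mail, leave untouched
    headers = [(k, v) for k, v in msg.items() if k.lower() != "content-type"]
    headers.append(("Content-Type", PGP_CT.format(boundary)))
    rebuilt = "".join(f"{k}: {v}\n" for k, v in headers) + "\n" + body
    return email.message_from_string(rebuilt)
```

A non-`None` result from `repair()` on mail that arrived as `text/plain` is also a usable detection signal that a gateway on the delivery path is rewriting PGP/MIME headers.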

Additional Information

Vaultive has acknowledged the issue and fixed it in version 4.5.21.

Vulnerability Type

CWE-222: Truncation of Security-relevant Information

Vendor of Product

Vaultive

Affected Product Code Base

Vaultive Office 365 Security - version 4.5.19

Affected Component

IMAP and SMTP interfaces to Vaultive O365 Security (other interfaces untested)

Impact

  • Denial of Service
  • Information Disclosure

Attack Vectors

The vulnerability is triggered by anyone sending PGP/MIME encrypted mail through a Vaultive appliance.

Discoverer

Daniel Kahn Gillmor, ACLU
