Vigil@nce: dkim-milter, denial of service
March 2009 by Vigil@nce
SYNTHESIS OF THE VULNERABILITY
An attacker can use a revoked DKIM key in order to stop
dkim-milter.
Gravity: 2/4
Consequences: denial of service of service
Provenance: internet client
Means of attack: 1 attack
Ability of attacker: technician (2/4)
Confidence: confirmed by the editor (5/5)
Diffusion of the vulnerable configuration: high (3/3)
Creation date: 02/03/2009
IMPACTED PRODUCTS
– Debian Linux
– Fedora
– Unix - plateform
DESCRIPTION OF THE VULNERABILITY
The DKIM (DomainKeys Identified Mail) technology uses signatures
to authenticate emails. The public key used to check the signature
is stored in a DNS TXT record in the email sender domain. For
example:
mykey._domainkey IN TXT "g=; k=rsa; p=the-key"
When the key is revoked, the "p=" field is empty:
myrevokedkey._domainkey IN TXT "g=; k=rsa; p=the-key"
The dkim-milter program is a DKIM filter for Sendmail.
However, when an email is signed with a revoked key (with an empty
"p=" field), an assertion error occurs in dkim-milter.
An attacker can therefore use a revoked DKIM key in order to stop
dkim-milter.
CHARACTERISTICS
Identifiers: 2508602, FEDORA-2009-2374, VIGILANCE-VUL-8499
http://vigilance.fr/vulnerability/dkim-milter-denial-of-service-8499