Alpine crashes on certain encoded messages
Subject says it, mostly - Alpine v1.00 running on Mac OS 10.5, used against an Exchange server (starting about a month ago - this didn’t happen on Cyrus) over secure IMAP, crashes on certain messages (the same ones, FWIW, that MacPine doesn’t crash on, but displays as blank and claims are malformed). A raw (as raw as I can manage in MacPine, anyway) dump of such a message follows:
MIME-Version: 1.0
Received: from hermes30.mail.cornell.edu (132.236.56.55) by
diehard4.mail.cornell.edu (132.236.56.42) with Microsoft SMTP Server
id
8.1.340.0; Fri, 23 Oct 2009 19:19:59 –0400
Received: (from daemon@localhost) by hermes30.mail.cornell.edu
(8.13.6/8.13.6)
id n9NNK0V1024884; Fri, 23 Oct 2009 19:20:00 –0400 (EDT)
Received: from walnut.mail.cornell.edu (walnut.mail.cornell.edu
[128.253.83.153]) by hermes30.mail.cornell.edu (8.13.6/8.13.6) with
ESMTP id
n9NNJxLf024873; Fri, 23 Oct 2009 19:19:59 –0400 (EDT)
Received: from listserv.educause.edu (listserv.educause.edu
[198.59.61.53]) by
walnut.mail.cornell.edu (8.13.1/8.14.2) with ESMTP id n9NNJnFZ028802;
Fri, 23
Oct 2009 19:19:57 –0400
Received: from LISTSERV ([192.168.1.48]) by listserv.educause.edu
with
Microsoft SMTPSVC (6.0.3790.3959); Fri, 23 Oct 2009 17:19:46 –0600
Received: by LISTSERV.EDUCAUSE.EDU (LISTSERV-TCP/IP release 15.5) with
spool
id 2492284 for SECURITY@LISTSERV.EDUCAUSE.EDU; Fri, 23 Oct 2009
17:19:40 –0600
Received: from [136.167.2.51] by LISTSERV.EDUCAUSE.EDU (SMTPL release
1.0w)
with TCP; Fri, 23 Oct 2009 17:19:39 –0600
Received: from raptor01.bc.edu (outmail2.bc.edu [136.167.2.43]) by
acedia.bc.edu (8.14.1/8.14.1) with ESMTP id n9NNJctj021917
(version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=NOT) for
<SECURITY@LISTSERV.EDUCAUSE.EDU>; Fri, 23 Oct 2009 19:19:38
–0400
Received: from [136.167.17.15] (136.167.17.15) by raptor02.bc.edu
(192.168.1.52) with Microsoft SMTP Server id 8.1.393.1; Fri, 23 Oct
2009 19:19:36 –0400
From: David Bowie <david.bowie@BC.EDU>
To: “SECURITY@LISTSERV.EDUCAUSE.EDU”
<SECURITY@LISTSERV.EDUCAUSE.EDU>
Sender: The EDUCAUSE Security Constituent Group Listserv
<SECURITY@LISTSERV.EDUCAUSE.EDU>
Date: Fri, 23 Oct 2009 19:19:33 –0400
Subject: Re: [SECURITY] Special terms of use
Thread-Topic: [SECURITY] Special terms of use
Thread-Index: AcpUN1d2NoLJA0LbStGfIV8CogtKgw==
Message-ID: <4AE23A05.90609@bc.edu>
References: <0e5e01ca5413$b9e0cdf02da269d0
@edu>
List-Help:
<http://listserv.educause.edu/cgi-bin/wa.exe?LIST=SECURITY>,
<mailto:LISTSERV@LISTSERV.EDUCAUSE.EDU?body=INFO%20SECURITY>
List-Subscribe:
<mailto:SECURITY-subscribe-request@LISTSERV.EDUCAUSE.EDU>
List-Unsubscribe:
<mailto:SECURITY-unsubscribe-request@LISTSERV.EDUCAUSE.EDU>
In-Reply-To: <0e5e01ca5413$b9e0cdf02da269d0
@edu>
Reply-To: The EDUCAUSE Security Constituent Group Listserv
<SECURITY@LISTSERV.EDUCAUSE.EDU>
Accept-Language: en-US
Content-Language: en-US
X-MS-Exchange-Organization-AuthAs: Anonymous
X-MS-Exchange-Organization-AuthSource: diehard4.mail.cornell.edu
X-MS-Has-Attach: yes
X-Auto-Response-Suppress: All
X-MS-TNEF-Correlator:
x-ph: V4.1@hermes30
x-pmx-version: 5.4.2.338381, Antispam-Engine: 2.6.0.325393,
Antispam-Data:
2009.10.23.230619
x-pmx-cornell-spam-checked: walnut
list-owner: <mailto:SECURITY-request@LISTSERV.EDUCAUSE.EDU>
user-agent: Thunderbird 2.0.0.23 (Windows/20090812)
x-originalarrivaltime: 23 Oct 2009 23:19:46.0971 (UTC)
FILETIME=[4FA63EB0:01CA5437]
list-archive:
<http://listserv.educause.edu/cgi-bin/wa.exe?LIST=SECURITY>
x-proofpoint-virus-version: vendor=fsecure
engine=1.12.8161:2.4.5,1.2.40,4.0.166
definitions=2009-10-23_13:2009-09-29,2009-10-23,2009-10-23
signatures=0
x-proofpoint-spam-details: rule=quarantine_notspam policy=quarantine
score=0
spamscore=0 ipscore=0 phishscore=0 bulkscore=0
adultscore=0 classifier=spam adjust=0 reason=mlx
engine=5.0.0-0908210000 definitions=main-0910230222
ID hj9ubnu0g on acedia-10000_instance1 (192.168.1.24)
Content-Type: multipart/signed;
protocol=“application/x-pkcs7-signature”;
micalg=sha1; boundary=“——————ms090406090304080309080404”
———————ms090406090304080309080404
Content-Type: multipart/mixed;
boundary=“——————030802020704040207010103”
This is a multi-part message in MIME format.
———————030802020704040207010103
Content-Type: multipart/alternative;
boundary=“——————030903040003030903080202”
———————030903040003030903080202
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Brad Alexander wrote:
Does anyone have a template for special terms of use that their
systems are private and not allow unauthorized access.I would like to add it to the motd file.
Ok. It’s Friday, I’m on vacation next week, and you did say it was
for ‘special’ terms of use. Here is the one I use on one of my
monitoring systems. It may not carry much weight, but it does cause
pause.
—djb
———————030903040003030903080202
Content-Type: multipart/related;
boundary=“——————040700080400080105040907”
———————040700080400080105040907
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit
<!DOCTYPE html PUBLIC “-//W3C//DTD HTML 4.01 Transitional//EN”>
Brad Alexander wrote:
<!-- /* Font Definitions */ @font-face {font-family:Calibri; panose-1:2 15 5 2 2 2 4 3 2 4;} /* Style Definitions */ p.MsoNormal, li.MsoNormal, div.MsoNormal {margin:0in; margin-bottom:.0001pt; font-size:12.0pt; font-family:"Arial","sans-serif";} a:link, span.MsoHyperlink {mso-style-priority:99; color:blue; text-decoration:underline;} a:visited, span.MsoHyperlinkFollowed {mso-style-priority:99; color:purple; text-decoration:underline;} span.EmailStyle17 {mso-style-type:personal-compose; font-family:"Arial","sans-serif"; color:windowtext; font-weight:normal; font-style:normal; text-decoration:none none;} .MsoChpDefault {mso-style-type:export-only;} @page Section1 {size:8.5in 11.0in; margin:1.0in 1.0in 1.0in 1.0in;} div.Section1 {page:Section1;} -->
Does anyone have a template for special terms of
use that
their systems are private and not allow unauthorized access.<o:p></o:p>
<o:p> </o:p>
I would like to add it to the motd file.<o:p></o:p>
<o:p> </o:p>
Ok. It’s Friday, I’m on vacation next week, and you did say it
was
for ‘special’ terms of use. Here is the one I use on one of my
monitoring systems. It may not carry much weight, but it does cause
pause.
—djb
———————040700080400080105040907
Content-Type: image/jpeg;
name=“moz-screenshot-6.jpg”
Content-Transfer-Encoding: base64
Content-ID: <part1.08050700.09090603@bc.edu>
Content-Disposition: inline;
filename=“moz-screenshot-6.jpg”
[encoded .JPG not include]
———————040700080400080105040907—
———————030903040003030903080202—
———————030802020704040207010103
Content-Type: text/x-vcard; charset=utf-8;
name=“david_bowie.vcf”
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
filename=“david_bowie.vcf”
begin:vcard
fn:David Bowie
n:Bowie;David
org:Boston College;ITS -Security
adr;dom:;;140 Commonwealth Ave.;Chestnut Hill;MA;02467
email;internet:david.bowie@bc.edu
title:Sr. Security Analyst
tel;work:617-552-0894
x-mozilla-html:FALSE
url:www.bc.edu
version:2.1
end:vcard
———————030802020704040207010103—
———————ms090406090304080309080404
Content-Type: application/x-pkcs7-signature; name=“smime.p7s”
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename=“smime.p7s”
Content-Description: S/MIME Cryptographic Signature
[encoded .VCF not included]
———————ms090406090304080309080404—
(from redmine: issue id 192, created on 2009-10-26, closed on 2009-10-27)