web analytics

Security Vulnerabilities in RFC-1342 Enable Spoofing and Code Injection Attacks

7th December 2017  By Larry Loeb

 

A woman checking her email on a laptop.

Thinkstock

 

Security researcher Sabri Haddouche recently discovered that current implementations of the RFC-1342 standard, which was created in 1992 to encode non-ASCII characters inside email headers, may have security vulnerabilities that enable fraudsters to commit spoofing and code injection attacks.

 

These flaws allow spoofers to circumvent Domain-Based Message Authentication, Reporting and Conformance (DMARC), an antispoofing authentication protocol introduced in 2015, as well as spam filters, Haddouche wrote in a blog post.

 

Full Article.

Take a look at the best antivirus, anti-malware, anti-spy, etc. software

Powered by WPeMatico