Cisco Bug: CSCzv32600 - Null byte injection into 'mail from' or 'rcpt to' causes appfault on...

Last Modified

Mar 07, 2018

Products (1)

  • Cisco Email Security Appliance

Known Affected Releases

7.6.0-444 8.0.0-000 9.7.1-066

Description (partial)

Customer sees an application fault similar to:

An application fault occurred: ('egg/ request|293', "<type 'exceptions.TypeError'>", 'argument 1 must be string without null bytes, not str', '
[egg/ queue_worker_thread|3690] 
[egg/ process_item|4140] 
[dlp/ policy_scan|243] 
[_coro.pyx coro._coro.sched.with_timeout (coro/_coro.c:11759)|1099] 
[dlp/ _do_policy_scan|951] 
[rpc/ new_fn|72] 
[rpc/ pol_match|109] 
[egg/ __method_caller__|20] 
[egg/ request|293]') MID: ######

Version: 8.5.6-092

1.  Image appliance with build 7.6.0-44.
2.  Create Private listener.
3.  Enable RSA Email DLP (enable and configure DLP using the DLP Assessment Wizard - all default).
4.  Inject mail into private listener where 'mail from' and/or 'rcpt to' contain '\0'.

mail from = '\'
rcpt to   = '\'
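
The fault above surfaces deep in the DLP scan, after the envelope has already been accepted. As an added example (not Cisco's code or fix), the sketch below rejects NUL and other control bytes in MAIL FROM / RCPT TO at the SMTP command boundary with a 501 reply, so they never reach a later processing stage. The function names, sample commands and the lenient regular expression are assumptions made for illustration.

```python
import re

# Constructed sample commands (CRLF already stripped); b"\x00" is the NUL
# byte from step 4 of the reproduction.
SAMPLE_COMMANDS = [
    b"MAIL FROM:<alice@example.com>",
    b"RCPT TO:<bob@example.com> NOTIFY=NEVER",
    b"MAIL FROM:<ali\x00ce@example.com>",
    b"RCPT TO:<bob@example.com\x00>",
]

# Lenient match of the envelope verb, the <path>, and optional ESMTP parameters.
_ENVELOPE_RE = re.compile(rb"^(MAIL FROM|RCPT TO):\s*<([^<>]*)>(?:\s.*)?$",
                          re.IGNORECASE)


def check_envelope_command(line: bytes):
    """Return (reply_code, address) for one MAIL FROM / RCPT TO line.

    250 means the address may be handed to later stages (queue, scanners);
    501 is the SMTP "syntax error in parameters or arguments" reply.
    """
    # Reject NUL, other C0 control bytes and DEL before any parsing, so no
    # later component ever receives them inside an envelope string.
    if any(b < 0x20 or b == 0x7F for b in line):
        return 501, None
    m = _ENVELOPE_RE.match(line)
    if m is None:
        return 501, None
    try:
        address = m.group(2).decode("utf-8")
    except UnicodeDecodeError:
        return 501, None
    # An empty path "<>" is only meaningful as a MAIL FROM (bounce) sender.
    if address == "" and m.group(1).upper() == b"RCPT TO":
        return 501, None
    return 250, address


def sample_replies():
    """Reply codes for the constructed session above."""
    return [check_envelope_command(line)[0] for line in SAMPLE_COMMANDS]


if __name__ == "__main__":
    for line, code in zip(SAMPLE_COMMANDS, sample_replies()):
        print(code, repr(line))
```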