TITLE:
Hitachi S/MIME Implementation Denial of Service Vulnerability

SECUNIA ADVISORY ID:
SA10142

VERIFY ADVISORY:
[Only registered and activated users can see links]

CRITICAL:
Less critical

IMPACT:
DoS

WHERE:
From remote

SOFTWARE:
Hitachi Groupmax Mail - Security Option
Hitachi PKI Runtime Library

DESCRIPTION:
Hitachi has confirmed that their PKI Runtime Library and Groupmax
Mail - Security Option are affected by some vulnerabilities, which
can be exploited to cause a DoS (Denial of Service).

The vulnerabilities were discovered using a test suite constructed by
NISCC. This can be used for identifying vulnerabilities related to
the handling of ASN.1 elements in products implementing the S/MIME
protocol.

SOLUTION:
According to Hitachi, fixes will be available shortly.

REPORTED BY / CREDITS:
NISCC

ORIGINAL ADVISORY:
NISCC: Vulnerability Issues in Implementations of the S/MIME
Protocol
[Only registered and activated users can see links]

CERT VU#428230
[Only registered and activated users can see links]

----------------------------------------------------------------------