On 2023-12-29 at 08:41:23 UTC-0500 (Fri, 29 Dec 2023 08:41:23 -0500) Alex <[email protected]> is rumored to have said:
> Hi,
> Barracuda recently announced they've identified a vulnerability in the
> Spreadsheet::Excel library used by amavis in their appliances. I didn't
> realize they were still using amavis and open source (and presumably
> spamassassin?).
> https://www.barracuda.com/company/legal/esg-vulnerability
Barracuda has never been entirely open about their components, but they
started as a very typical Postfix/Amavis/SpamAssassin/ClamAV rig.
> I don't have this library on my system - is there a plugin that enables
> parsing of Excel spreadsheets for malicious code?
The OLEVBMacro plugin exists. It does not use Spreadsheet::Excel. Malice
is out of scope, but since mailing around MS files with macros has never
been a good idea, discriminating between malice or sheer blinding
stupidity is non-critical.
In my experience it has been workable to just reject mail with .xls and
.xlsx attachments by default at any Internet-facing MX. 20+ years of
warnings about how reckless it is to share MS documents ought to suffice
for anyone.
--
Bill Cole
[email protected] or [email protected]
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
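
The reject-by-extension policy described in the reply above, sketched as an added example that is not part of the original message or of any project it mentions. The function names, the SMTP reply text and the sample messages are assumptions constructed for illustration; a real deployment would run this kind of check in the MTA or a content filter.

```python
import email
from email import policy
from email.message import EmailMessage

# Only the two extensions named in the message; other Office formats are
# outside what the post discusses.
BLOCKED_EXTENSIONS = (".xls", ".xlsx")


def blocked_attachments(raw_bytes):
    """Return filenames of MIME parts whose name ends in a blocked extension."""
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    hits = []
    for part in msg.walk():  # walk() also descends into nested multiparts
        if part.is_multipart():
            continue
        # get_filename() reads Content-Disposition filename= and falls back
        # to Content-Type name=, decoding RFC 2231 parameter encoding.
        name = part.get_filename()
        if name and name.strip().lower().endswith(BLOCKED_EXTENSIONS):
            hits.append(name)
    return hits


def smtp_verdict(raw_bytes):
    """Hypothetical end-of-DATA decision: reject if any part is blocked."""
    hits = blocked_attachments(raw_bytes)
    if hits:
        return "550 5.7.1 Excel attachments are not accepted: " + ", ".join(hits)
    return "250 2.0.0 Ok"


def build_sample(filename, subtype):
    """Constructed sample message with one dummy attachment (not real mail)."""
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "rcpt@example.org"
    msg["Subject"] = "constructed sample"
    msg.set_content("see attached")
    msg.add_attachment(b"dummy", maintype="application",
                       subtype=subtype, filename=filename)
    return msg.as_bytes()


if __name__ == "__main__":
    for fname, sub in [("Q4-Report.XLS", "vnd.ms-excel"), ("notes.pdf", "pdf")]:
        print(fname, "->", smtp_verdict(build_sample(fname, sub)))
```

The check matches on the declared filename only, so it enforces the blanket policy from the message and does not inspect file contents.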