5.1 Security Considerations for Implementers

The protocol is at risk of attack where the attacker spoofs RequestPacketListResend packets, causing the server to flood the client with unnecessarily retransmitted Data packets. To help mitigate against the attack, the server chooses the value of the nCubs field in the LinkMacToViewerReportFunnelInfo message in such a way that it is difficult for an attacker to predict its value. The server can also impose a limit on how many packets per second it will resend to a client.

Because MMS is a binary protocol, it is recommended that implementers take care to validate that the length fields in the packet and message structures do not specify values that cause an implementation to access data out of bounds. Some message structures also have a field that specifies a byte offset, and a similar concern applies in this case. In addition, strings that appear in MMS messages are sometimes not required to be null-terminated.