漏洞信息详情
多个供应商电子邮件消息分段SMTP过滤器绕过漏洞
- CNNVD编号:CNNVD-200209-051
- 危害等级: 高危
- CVE编号: CVE-2002-1121
- 漏洞类型: 设计错误
- 发布时间: 2002-09-24
- 威胁类型: 远程
- 更新时间: 2005-10-20
- 厂 商: roaring_penguin
- 漏洞来源: .');">Vulnerability repo...
漏洞简介
(1)Exchange/SMTP 7.2之前版本的GFI MailSecurity,(2) InterScan VirusWall 3.52 build 1494之前版本,(3)MIMEDefang 2.21之前版本的默认配置,和可能其他的产品的SMTP目录过滤器引擎不能检测到电子邮件的碎片,正如在RFC2046(“消息分段和重新装配”)中定义的和在如Outlook Express产品中支持的。远程攻击者借助message/partial目录类型的电子邮件碎片绕过目录过滤器包含病毒检查。
漏洞公告
GFI has updated MailSecurity for Exchange/SMTP version 7.2. Users should contact the vendor for updated software. Patches are available: Roaring Penguin Software MIMEDefang 2.14
- Roaring Penguin Software MIME-tools-5.411a-RP-Patched.tar.gz http://www.roaringpenguin.com/mimedefang/MIME-tools-5.411a-RP-Patched. tar.gz
- Roaring Penguin Software MIME-tools-5.411a-RP-Patched.tar.gz http://www.roaringpenguin.com/mimedefang/MIME-tools-5.411a-RP-Patched. tar.gz
- Trend Micro Hotfix_build1494_v352_Smtp_case6593.zip ftp://ftp-download.trendmicro.com.ph/Gateway/ISNT/3.52/Hotfix_build149 4_v352_Smtp_case6593.zip
参考网址
来源:US-CERT Vulnerability Note: VU#836088 名称: VU#836088 链接:http://www.kb.cert.org/vuls/id/836088 来源: BUGTRAQ 名称: 20020912 MIMEDefang update (was Re: Bypassing SMTP Content Protection ) 链接:http://marc.theaimsgroup.com/?l=bugtraq&m=103184501408453&w=2 来源: BID 名称: 5696 链接:http://www.securityfocus.com/bid/5696 来源: www.securiteam.com 链接:http://www.securiteam.com/securitynews/5YP0A0K8CM.HTML 来源: XF 名称: smtp-content-filtering-bypass(10088) 链接:http://www.iss.net/security_center/static/10088.php 来源: VULNWATCH 名称: 20020912 Bypassing SMTP Content Protection with a Flick of a Button 链接:http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0113.HTML 来源: BUGTRAQ 名称: 20020912 FW: Bypassing SMTP Content Protection with a Flick of a Button 链接:http://archives.neohapsis.com/archives/bugtraq/2002-09/0134.HTML 来源: BUGTRAQ 名称: 20020912 Bypassing SMTP Content Protection with a Flick of a Button 链接:http://marc.theaimsgroup.com/?l=bugtraq&m=103184267105132&w=2 来源: BUGTRAQ 名称: 20020912 Roaring Penguin fixes for "Bypassing SMTP Content Protection with a Flick of a Button" 链接:http://archives.neohapsis.com/archives/bugtraq/2002-09/0135.HTML
受影响实体
- Roaring_penguin Mimedefang:2.14
- Roaring_penguin Mimedefang:2.20
补丁
暂无
评论