| Vulnerability Name: | CVE-2002-1121 (CCN-10088) | ||||||||
| Assigned: | 2002-09-12 | ||||||||
| Published: | 2002-09-12 | ||||||||
| Updated: | 2016-10-18 | ||||||||
| Summary: | SMTP content filter engines, including (1) GFI MailSecurity for Exchange/SMTP before 7.2, (2) InterScan VirusWall before 3.52 build 1494, (3) the default configuration of MIMEDefang before 2.21, and possibly other products, do not detect fragmented emails as defined in RFC2046 ("Message Fragmentation and Reassembly") and supported in such products as Outlook Express, which allows remote attackers to bypass content filtering, including virus checking, via fragmented emails of the message/partial content type. | ||||||||
| CVSS v3 Severity: | 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
| ||||||||
| CVSS v2 Severity: | 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Bypass Security | ||||||||
| References: | Source: CCN Type: BugTraq Mailing List, Thu Sep 12 2002 - 10:11:07 CDT MIMEDefang update (was Re: Bypassing SMTP Content Protection ) Source: BUGTRAQ Type: UNKNOWN 20020912 FW: Bypassing SMTP Content Protection with a Flick of a Button Source: CCN Type: BugTraq Mailing List, Thu Sep 12 2002 - 13:13:02 CDT FW: Bypassing SMTP Content Protection with a Flick of a Button Source: BUGTRAQ Type: UNKNOWN 20020912 Roaring Penguin fixes for "Bypassing SMTP Content Protection with a Flick of a Button" Source: CCN Type: BugTraq Mailing List, Thu Sep 12 2002 - 12:06:06 CDT Roaring Penguin fixes for "Bypassing SMTP Content Protection with a Flick of a Button" Source: VULNWATCH Type: Vendor Advisory 20020912 Bypassing SMTP Content Protection with a Flick of a Button Source: MITRE Type: CNA CVE-2002-1121 Source: BUGTRAQ Type: UNKNOWN 20020912 Bypassing SMTP Content Protection with a Flick of a Button Source: BUGTRAQ Type: UNKNOWN 20020912 MIMEDefang update (was Re: Bypassing SMTP Content Protection ) Source: CCN Type: CanIt Web site Welcome to CanIt Source: CCN Type: GFI Software Web site Anti Virus for Exchange server Source: XF Type: Vendor Advisory smtp-content-filtering-bypass(10088) Source: CCN Type: US-CERT VU#836088 Multiple vendors` email content/virus scanners do not adequately check message/partial MIME entities Source: CERT-VN Type: US Government Resource VU#836088 Source: CCN Type: OSVDB ID: 6188 Multiple Vendor Fragmented Email Virus Scan Bypass Source: CCN Type: Roaring Penguin Software Web site MIMEDefang Source: CCN Type: SecuriTeam Mailing List, SecurityNews 12 Sep 2002 Bypassing SMTP Content Protection with a Flick of a Button Source: MISC Type: UNKNOWN http://www.securiteam.com/securitynews/5YP0A0K8CM.html Source: BID Type: UNKNOWN 5696 Source: CCN Type: BID-5696 Multiple Vendor Email Message Fragmentation SMTP Filter Bypass Vulnerability Source: XF Type: UNKNOWN smtp-content-filtering-bypass(10088) | ||||||||
| Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||
| BACK | |||||||||