Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-1154

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2003-1154
Last Modified 05 Sep 2008 04:36:11
Published 31 Dec 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-1154

Summary

MAILsweeper for SMTP 4.3 allows remote attackers to bypass virus protection via a mail message with a malformed zip attachment, as exploited by certain MIMAIL virus variants.

Vulnerable Systems

Application

  • Clearswift Mailsweeper 4.0

  • Clearswift Mailsweeper 4.1

  • Clearswift Mailsweeper 4.2

  • Clearswift Mailsweeper 4.3

  • Clearswift Mailsweeper 4.3.10

  • Clearswift Mailsweeper 4.3.3

  • Clearswift Mailsweeper 4.3.4

  • Clearswift Mailsweeper 4.3.5

  • Clearswift Mailsweeper 4.3.6

  • Clearswift Mailsweeper 4.3.6 Sp1

  • Clearswift Mailsweeper 4.3.7

  • Clearswift Mailsweeper 4.3.8


References

SECUNIA - 10148

XF - mailsweeper-zip-virus-bypass(13611)

BID - 8982

OSVDB - 2772

MISC - http://www.computerworld.co.nz/cw.nsf/0/BF9E8E6E2D313E5FCC256DD70016473F?OpenDocument&More=


Last Updated: 27 May 2016 10:38:14