Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0051

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2004-0051
Last Modified 10 Sep 2008 03:24:56
Published 20 Oct 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-0051

Summary

Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use non-standard but frequently supported Content-Transfer-Encoding values such as (1) uuencode, (2) mac-binhex40, and (3) yenc, which may be interpreted differently by mail clients.

Vulnerable Systems

Application

  • Clearswift Mailsweeper 4.3.10

  • Clearswift Mailsweeper 4.3.11

  • Clearswift Mailsweeper 4.3.13

  • Clearswift Mailsweeper 4.3.14

  • Clearswift Mailsweeper 4.3.15

  • Clearswift Mailsweeper 4.3.7

  • Clearswift Mailsweeper 4.3.8

  • F-secure Internet Gatekeeper 6.3

  • F-secure Internet Gatekeeper 6.31

  • F-secure Internet Gatekeeper 6.32

  • F-secure Internet Gatekeeper 6.4

  • Paul L Daniels Ripmime 1.2.0

  • Paul L Daniels Ripmime 1.2.1

  • Paul L Daniels Ripmime 1.2.2

  • Paul L Daniels Ripmime 1.2.3

  • Paul L Daniels Ripmime 1.2.4

  • Paul L Daniels Ripmime 1.2.5

  • Paul L Daniels Ripmime 1.2.6

  • Paul L Daniels Ripmime 1.2.7

  • Paul L Daniels Ripmime 1.3.2.0

  • Paul L Daniels Ripmime 1.3.2.2

  • Paul L Daniels Ripmime 1.3.2.3


References

XF - mime-contenttransfer-filter-bypass(17337)

MISC - http://www.uniras.gov.uk/vuls/2004/380375/mime.htm

BUGTRAQ - 20040914 Corsaire Security Advisory - Multiple vendor MIME Content-Transfer-Encoding mechanism issue


Last Updated: 27 May 2016 10:38:26