Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-2088

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2004-2088
Last Modified 05 Sep 2008 04:43:10
Published 12 Feb 2004 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-2088

Summary

Sophos Anti-Virus 3.78 allows remote attackers to bypass virus scanning by using a qmail generated Delivery Status Notification (DSN) where the original email is not included in the bounce message.

Vulnerable Systems

Application

  • Sophos Anti-virus 3.4.6

  • Sophos Anti-virus 3.78


References

XF - sophos-email-virus-undetected(15192)

CONFIRM - http://www.sophos.com/support/news/#mime-378

BID - 9650

SECTRACK - 1009042

SECUNIA - 10855


Last Updated: 27 May 2016 10:39:20