Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-2328

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2004-2328
Last Modified 05 Sep 2008 04:43:49
Published 31 Dec 2004 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact NONE NONE
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-2328

Summary

Clearswift MAILsweeper for SMTP before 4.3_13 allows remote attackers to cause a denial of service (infinite loop) via an e-mail with a crafted RAR archive attached.

Vulnerable Systems

Application

  • Clearswift Mailsweeper 4.0

  • Clearswift Mailsweeper 4.1

  • Clearswift Mailsweeper 4.2

  • Clearswift Mailsweeper 4.3

  • Clearswift Mailsweeper 4.3.10

  • Clearswift Mailsweeper 4.3.11

  • Clearswift Mailsweeper 4.3.13

  • Clearswift Mailsweeper 4.3.3

  • Clearswift Mailsweeper 4.3.4

  • Clearswift Mailsweeper 4.3.5

  • Clearswift Mailsweeper 4.3.6

  • Clearswift Mailsweeper 4.3.6 Sp1

  • Clearswift Mailsweeper 4.3.7

  • Clearswift Mailsweeper 4.3.8


References

XF - mailsweeper-smtp-rar-dos(14979)

BID - 9556

SECUNIA - 10732

OSVDB - 3742


Last Updated: 27 May 2016 10:39:26