Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-1098

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2004-1098
Last Modified 10 Sep 2008 03:29:02
Published 10 Jan 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-1098

Summary

MIMEDefang in MIME-tools 5.414 allows remote attackers to bypass virus scanning capabilities via an e-mail attachment with a virus that contains an empty boundary string in the Content-Type header.

Vulnerable Systems

Operating System

  • Mandrakesoft Mandrake Linux 10.0

  • Mandrakesoft Mandrake Linux 10.1

  • Mandrakesoft Mandrake Linux 9.2

  • Mandrakesoft Mandrake Linux Corporate Server 2.1

  • Suse Linux 8.0

  • Suse Linux 8.1

  • Suse Linux 8.2

  • Suse Linux 9.0

  • Suse Linux 9.1

  • Suse Linux 9.2

Application

  • Roaring Penguin Mimedefang 2.14

  • Roaring Penguin Mimedefang 2.20

  • Roaring Penguin Mimedefang 2.21

  • Roaring Penguin Mimedefang 2.38

  • Roaring Penguin Mimedefang 2.39

  • Roaring Penguin Mimedefang 2.4

  • Roaring Penguin Mimedefang 2.41

  • Roaring Penguin Mimedefang 2.42

  • Roaring Penguin Mimedefang 2.43

  • Roaring Penguin Mimedefang 2.44

  • Roaring Penguin Mimedefang 2.45

  • Roaring Penguin Mimedefang 4.46

  • Roaring Penguin Mimedefang 4.47


References

BID - 11563

GENTOO - GLSA-200411-06

XF - mimetools-boundary-virus-bypass(17940)

MLIST - 20041026 [Mimedefang] SECURITY: Patch for MIME-tools

MANDRAKE - MDKSA-2004:123


Last Updated: 27 May 2016 10:38:54