MailScanner Input Validation Flaws in Processing Attachment File Names May Let Remote Users Bypass Security

SecurityTracker Alert ID: 1005572
CVE Reference: GENERIC-MAP-NOMATCH
Date: Nov 8 2002
Impact: Execution of arbitrary code via network, Host/resource access via network, User access via network
Fix Available: Yes
Vendor Confirmed: Yes
Version(s): prior to 4.05-1

Description: Two input validation vulnerabilities were reported in the MailScanner e-mail security software. A remote user could bypass a certain security feature.

Both vulnerabilities involve malicious attachment filenames. It is reported that a remote user could create mail with a specially crafted file attachment header to cause the software to bypass the security checks on the filename. Anti-virus scanning and other security functions are not affected.

A remote user could also create mail with certain characters that could possibly be used to exploit the server. This exploit method was not confirmed via testing.

The vendor indicates that no reports of exploitation for either bug have been filed with the vendor.

Impact: A remote user could send mail that bypasses the attachment file name security checks.
A remote user may be able to execute commands on the server (but that was not confirmed).

Solution: The vendor has released fixed versions 3.26-1 and 4.05-1, available at:
http://www.sng.ecs.soton.ac.uk/mailscanner/downloads.shtml

Vendor URL: www.sng.ecs.soton.ac.uk/mailscanner/
Cause: Input validation error
Underlying OS: Linux (Any), UNIX (Any)

Message History:
None.

Source Message Contents

Date: Mon, 04 Nov 2002 02:06:26 -0500
Subject: MailScanner 3.26-1 and 4.05-1
- MailScanner 3.26-1 and 4.05-1
by Julian Field (http://freshmeat.net/users/jfield/)
Sunday, November 3rd 2002 10:23
Communications :: Email
Communications :: Email :: Filters
System :: Networking :: Firewalls
About: MailScanner is an Email virus scanner, vulnerability protector, and
spam tagger. It supports the Sendmail and Exim MTAs, and the Sophos,
McAfee, F-Prot, F-Secure, CommandAV, InoculateIT, Inoculan 4.x, Kaspersky,
Nod32, AntiVir, RAV, Panda, and Clam anti-virus scanners. It supports
SpamAssassin for highly successful spam identification. It is specifically
designed to handle Denial Of Service attacks. It is very easy to install,
and requires no changes at all to your sendmail.cf file. It is designed to
be lightweight, and won't grind your mail system to a halt with its load.
It can be integrated into any email system, regardless of the software in
use.
Changes: Two potential security vulnerabilities involving malicious
attachment filenames in unknown character encodings were fixed. A bunch of
improvements and new features were also added for version 4.
License: GNU General Public License (GPL)
URL: http://freshmeat.net/projects/mailscanner/