CVE-2002-1121

CVE	CVE-2002-1121
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2002-09-24 04:00:00 UTC
Updated	2016-10-18 02:23:00 UTC
Description	SMTP content filter engines, including (1) GFI MailSecurity for Exchange/SMTP before 7.2, (2) InterScan VirusWall before 3.52 build 1494, (3) the default configuration of MIMEDefang before 2.21, and possibly other products, do not detect fragmented emails as defined in RFC2046 ("Message Fragmentation and Reassembly") and supported in such products as Outlook Express, which allows remote attackers to bypass content filtering, including virus checking, via fragmented emails of the message/partial content type.

Problem Types: NVD-CWE-Other

Type	Vendor	Product	Version	Update	Edition	Language
Application	Gfi	Mailsecurity	7.2	All	exchange_smtp	All
Application	Gfi	Mailsecurity	7.2	All	exchange_smtp	All
Application	Network Associates	Webshield Smtp	4.0.5	All	All	All
Application	Network Associates	Webshield Smtp	4.5	All	All	All
Application	Network Associates	Webshield Smtp	4.5.44	All	All	All
Application	Network Associates	Webshield Smtp	4.5.74.0	All	All	All
Application	Network Associates	Webshield Smtp	4.0.5	All	All	All
Application	Network Associates	Webshield Smtp	4.5	All	All	All
Application	Network Associates	Webshield Smtp	4.5.44	All	All	All
Application	Network Associates	Webshield Smtp	4.5.74.0	All	All	All
Application	Roaring Penguin	Canit	1.2	All	All	All
Application	Roaring Penguin	Canit	1.2	All	All	All
Application	Roaring Penguin	Mimedefang	2.14	All	All	All
Application	Roaring Penguin	Mimedefang	2.20	All	All	All
Application	Roaring Penguin	Mimedefang	2.14	All	All	All
Application	Roaring Penguin	Mimedefang	2.20	All	All	All
Application	Trend Micro	Interscan Viruswall	3.5	All	All	All
Application	Trend Micro	Interscan Viruswall	3.51	All	All	All
Application	Trend Micro	Interscan Viruswall	3.52	All	All	All
Application	Trend Micro	Interscan Viruswall	3.5	All	All	All
Application	Trend Micro	Interscan Viruswall	3.51	All	All	All
Application	Trend Micro	Interscan Viruswall	3.52	All	All	All

Reference	Source	Link	Tags
ISS X-Force Database: smtp-content-filtering-bypass (10088): Multiple vendor SMTP content filtering can be bypassed using message fragmentation and reassembly	XF	www.iss.net	Vendor Advisory
CERT/CC Vulnerability Note VU#836088	CERT-VN	www.kb.cert.org	US Government Resource
Neohapsis Archives - VulnWatch - [VulnWatch] Bypassing SMTP Content Protection with a Flick of a Button - From aviram_at_beyondsecurity.com	VULNWATCH	archives.neohapsis.com	Vendor Advisory
'MIMEDefang update (was Re: Bypassing SMTP Content Protection )' - MARC	BUGTRAQ	marc.info
'Bypassing SMTP Content Protection with a Flick of a Button' - SecuriTeam	MISC	www.securiteam.com
Neohapsis Archives - Bugtraq - Roaring Penguin fixes for "Bypassing SMTP Content Protection with a Flick of a Button" - From dfs_at_roaringpenguin.com	BUGTRAQ	archives.neohapsis.com
'Bypassing SMTP Content Protection with a Flick of a Button' - MARC	BUGTRAQ	marc.info
Neohapsis Archives - Bugtraq - FW: Bypassing SMTP Content Protection with a Flick of a Button - From menashe_at_finjan.com	BUGTRAQ	archives.neohapsis.com
Multiple Vendor Email Message Fragmentation SMTP Filter Bypass Vulnerability	BID	www.securityfocus.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

There are currently no legacy QID mappings associated with this CVE.