Network Associates WebShield SMTP Filtering Rules Bypass Vulnerability
BID:1410
Info
Network Associates WebShield SMTP Filtering Rules Bypass Vulnerability
| Bugtraq ID: | 1410 |
| Class: | Unknown |
| CVE: | |
| Remote: | Unknown |
| Local: | Unknown |
| Published: | Jun 20 2000 12:00AM |
| Updated: | Jun 20 2000 12:00AM |
| Credit: | Posted to BugTraq on June 20, 2000 by Chris Paget <[email protected]> |
| Vulnerable: |
Network Associates WebShield SMTP 4.5 |
| Not Vulnerable: | |
Discussion
Network Associates WebShield SMTP Filtering Rules Bypass Vulnerability
WebShield SMTP can be configured to block possibly malicious attachments (eg., all .VBS and other scripts). The filtering mechanism fails to detect attachments that WebShield has been configured to reject when base64 encoding is used. This does not appear to cause problems detecting known viruses; it affects filtering of specified attachment types.
WebShield SMTP can be configured to block possibly malicious attachments (eg., all .VBS and other scripts). The filtering mechanism fails to detect attachments that WebShield has been configured to reject when base64 encoding is used. This does not appear to cause problems detecting known viruses; it affects filtering of specified attachment types.
Exploit / POC
Network Associates WebShield SMTP Filtering Rules Bypass Vulnerability
Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].
Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected].