Lucene search

[email protected]NVD:CVE-2002-1121

HistorySep 24, 2002 - 4:00 a.m.

CVE-2002-1121

2002-09-2404:00:00

[email protected]

web.nvd.nist.gov

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.9

Confidence

Low

EPSS

0.011

Percentile

84.6%

JSON

SMTP content filter engines, including (1) GFI MailSecurity for Exchange/SMTP before 7.2, (2) InterScan VirusWall before 3.52 build 1494, (3) the default configuration of MIMEDefang before 2.21, and possibly other products, do not detect fragmented emails as defined in RFC2046 (“Message Fragmentation and Reassembly”) and supported in such products as Outlook Express, which allows remote attackers to bypass content filtering, including virus checking, via fragmented emails of the message/partial content type.

Affected configurations

Nvd

Node

gfimailsecurityMatch7.2exchange_smtp

network_associateswebshield_smtpMatch4.0.5

network_associateswebshield_smtpMatch4.5

network_associateswebshield_smtpMatch4.5.44

network_associateswebshield_smtpMatch4.5.74.0

roaring_penguincanitMatch1.2

roaring_penguinmimedefangMatch2.14

roaring_penguinmimedefangMatch2.20

trend_microinterscan_viruswallMatch3.5

trend_microinterscan_viruswallMatch3.51

trend_microinterscan_viruswallMatch3.52

VendorProductVersionCPE
gfimailsecurity7.2cpe:2.3:a:gfi:mailsecurity:7.2:*:exchange_smtp:*:*:*:*:*
network_associateswebshield_smtp4.0.5cpe:2.3:a:network_associates:webshield_smtp:4.0.5:*:*:*:*:*:*:*
network_associateswebshield_smtp4.5cpe:2.3:a:network_associates:webshield_smtp:4.5:*:*:*:*:*:*:*
network_associateswebshield_smtp4.5.44cpe:2.3:a:network_associates:webshield_smtp:4.5.44:*:*:*:*:*:*:*
network_associateswebshield_smtp4.5.74.0cpe:2.3:a:network_associates:webshield_smtp:4.5.74.0:*:*:*:*:*:*:*
roaring_penguincanit1.2cpe:2.3:a:roaring_penguin:canit:1.2:*:*:*:*:*:*:*
roaring_penguinmimedefang2.14cpe:2.3:a:roaring_penguin:mimedefang:2.14:*:*:*:*:*:*:*
roaring_penguinmimedefang2.20cpe:2.3:a:roaring_penguin:mimedefang:2.20:*:*:*:*:*:*:*
trend_microinterscan_viruswall3.5cpe:2.3:a:trend_micro:interscan_viruswall:3.5:*:*:*:*:*:*:*
trend_microinterscan_viruswall3.51cpe:2.3:a:trend_micro:interscan_viruswall:3.51:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
gfi	mailsecurity	7.2	cpe:2.3:a:gfi:mailsecurity:7.2::exchange_smtp:::::
network_associates	webshield_smtp	4.0.5	cpe:2.3:a:network_associates:webshield_smtp:4.0.5:::::::*
network_associates	webshield_smtp	4.5	cpe:2.3:a:network_associates:webshield_smtp:4.5:::::::*
network_associates	webshield_smtp	4.5.44	cpe:2.3:a:network_associates:webshield_smtp:4.5.44:::::::*
network_associates	webshield_smtp	4.5.74.0	cpe:2.3:a:network_associates:webshield_smtp:4.5.74.0:::::::*
roaring_penguin	canit	1.2	cpe:2.3:a:roaring_penguin:canit:1.2:::::::*
roaring_penguin	mimedefang	2.14	cpe:2.3:a:roaring_penguin:mimedefang:2.14:::::::*
roaring_penguin	mimedefang	2.20	cpe:2.3:a:roaring_penguin:mimedefang:2.20:::::::*
trend_micro	interscan_viruswall	3.5	cpe:2.3:a:trend_micro:interscan_viruswall:3.5:::::::*
trend_micro	interscan_viruswall	3.51	cpe:2.3:a:trend_micro:interscan_viruswall:3.51:::::::*

Rows per page:

1-10 of 111

References

archives.neohapsis.com/archives/bugtraq/2002-09/0134.html

archives.neohapsis.com/archives/bugtraq/2002-09/0135.html

archives.neohapsis.com/archives/vulnwatch/2002-q3/0113.html

marc.info/?l=bugtraq&m=103184267105132&w=2

marc.info/?l=bugtraq&m=103184501408453&w=2

www.iss.net/security_center/static/10088.php

www.kb.cert.org/vuls/id/836088

www.securiteam.com/securitynews/5YP0A0K8CM.html

www.securityfocus.com/bid/5696

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.9

Confidence

Low

EPSS

0.011

Percentile

84.6%

JSON

Related for NVD:CVE-2002-1121

cvelist1 cve1 cert1