Lucene search

[email protected]CVE-2007-3803

HistoryJul 16, 2007 - 11:30 p.m.

CVE-2007-3803

2007-07-1623:30:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2007-3803

smtp alg

clavister coreplus

address blacklists

remote attackers

7.8 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.016 Low

EPSS

Percentile

87.4%

JSON

The SMTP ALG in Clavister CorePlus before 8.80.04, and 8.81.00, does not properly parse SMTP commands in certain circumstances, which allows remote attackers to bypass address blacklists.

CPENameOperatorVersion
clavister:clavister_coreplusclavister clavister coreplusle8.81.00
clavister:clavister_coreplusclavister clavister coreplusle8.80.03

CPE	Name	Operator	Version
clavister:clavister_coreplus	clavister clavister coreplus	le	8.81.00
clavister:clavister_coreplus	clavister clavister coreplus	le	8.80.03

References

osvdb.org/37974

secunia.com/advisories/25957

www.clavister.com/releasenotes/CorePlus_Release_Notes_8_80_04.pdf

www.clavister.com/releasenotes/CorePlus_Release_Notes_8_81_01.pdf

exchange.xforce.ibmcloud.com/vulnerabilities/35371

7.8 High

AI Score

Confidence

Low

10 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:C/I:C/A:C

0.016 Low

EPSS

Percentile

87.4%

JSON

Related for CVE-2007-3803

prion1