69 matches found
MAILsweeper Archive File Filtering Bypass
The remote host is running MAILsweeper - a content security solution for SMTP. According to its banner, the remote version of MAILsweeper may allow an attacker to bypass the archive filtering settings of the remote server by sending an archive in the format 7ZIP, ACE, ARC, BH, BZIP2, HAP, IMG, PA...
CVE-2003-0928
CVE-2003-0928 concerns Clearswift MAILsweeper prior to 4.3.15. The issue is that the product does not properly detect and filter RAR 3.20 encoded files, allowing remote attackers to bypass the product’s policy enforcement. The core impact is the circumvention of policy controls, enabling content ...
CVE-2003-0930
CVE-2003-0930 affects Clearswift MAILsweeper prior to version 4.3.15 and arises from incorrect detection of filenames in BinHex (HQX) encoded files, allowing remote attackers to bypass the product’s policy enforcement. The vulnerability is exploitable remotely by sending HQX-encoded content, with...
CVE-2003-0929
The provided data shows a concrete vulnerability: Clearswift MAILsweeper before version 4.3.15 fails to properly detect and filter ZIP 6.0 encoded files, allowing remote attackers to bypass policy. Affected product: MAILsweeper (SMTP) pre-4.3.15. Impact per sources: partial confidentiality, integ...
CVE-2003-0929
Clearswift MAILsweeper before 4.3.15 does not properly detect and filter ZIP 6.0 encoded files, which allows remote attackers to bypass intended policy...
CVE-2003-0928
Clearswift MAILsweeper before 4.3.15 does not properly detect and filter RAR 3.20 encoded files, which allows remote attackers to bypass intended policy...
CVE-2003-0930
Clearswift MAILsweeper before 4.3.15 does not properly detect filenames in BinHex HQX encoded files, which allows remote attackers to bypass intended policy...
Clearswift MAILsweeper for SMTP < 4.3.15 Multiple Vulnerabilities
Binary data 2048.prm...
CVE-2003-1154
MAILsweeper for SMTP 4.3 allows remote attackers to bypass virus protection via a mail message with a malformed zip attachment, as exploited by certain MIMAIL virus variants...
CVE-2003-1477
MAILsweeper for SMTP 4.3.6 and 4.3.7 allows remote attackers to cause a denial of service CPU consumption via a PowerPoint attachment that either 1 is corrupt or 2 contains "embedded objects."...
CVE-2003-1330
Clearswift MAILsweeper for SMTP 4.3.6 SP1 does not execute custom "on strip unsuccessful" hooks, which allows remote attackers to bypass e-mail attachment filtering policies via an attachment that MAILsweeper can detect but not remove...
CVE-2003-1485
Clearswift MAILsweeper 4.0 through 4.3.7 allows remote attackers to bypass filtering via a file attachment that contains "multiple extensions combined with large blocks of white space."...
MAILsweeper for SMTP PowerPoint Document Processing DoS
The remote host is running MAILsweeper - a content security solution for SMTP. According to its banner, the remote version of MAILsweeper consumes all available CPU resources when processing a malformed PowerPoint file, causing the server to become non-responsive. A remote attacker could exploit...
CVE-2003-0121
Clearswift MAILsweeper 4.x allows remote attackers to bypass attachment detection via an attachment that does not specify a MIME-Version header field, which is processed by some mail clients...
CVE-2003-0121
CVE-2003-0121 affects Clearswift MAILsweeper 4.x. The issue is a MIME-attachment evasion where an attachment lacking a MIME-Version header can bypass detection by some mail clients, allowing the attacker to pass the attachment unrecognized. The NVD entry notes a network-path attack with low compl...
Clearswift MAILsweeper protection bypass
If MIME-Version header is missed or binary encoding is used attachments are not recognized...
Re: Corsaire Security Advisory - Clearswift MAILsweeper MIME attachme nt evasion issue
!-- Step 2: Now create a text file that will be used to hold the MIME encoded attachment. Start notepad or another text editor, and paste in: MIME-Version: 1.0 Content-Location:file:///executable.exe Content-Transfer-Encoding: base64 TVp0AQIAAAAgAAgA//8YAIAAAAAQAAIAHgAAAAEAAAAAA...
Corsaire Security Advisory - Clearswift MAILsweeper MIME attachme nt evasion issue
-- Corsaire Security Advisory -- Title: Clearswift MAILsweeper MIME attachment evasion issue Date: 03.03.03 Application: Clearswift MAILsweeper 4.x Environment: Windows NT 4.0, Windows 2000, Author: Martin O'Neal [email protected] Audience: General distribution -- Scope -- The aim of this...
Clearswift MAILsweeper 4.x - MIME Attachment Filter Bypass
Clearswift MAILsweeper 4.x - MIME Attachment Filter Bypass source: https://www.securityfocus.com/bid/7044/info Clearswift MailSweeper does not properly process certain malformed MIME email message attachments. If the attachment does not contain a MIME-Version field, MailSweeper does not recognize...
Clearswift MAILsweeper 4.x - MIME Attachment Filter Bypass
source: https://www.securityfocus.com/bid/7044/info Clearswift MailSweeper does not properly process certain malformed MIME email message attachments. If the attachment does not contain a MIME-Version field, MailSweeper does not recognize the attachment as being an executable type. MailSweeper...