Bugtraqmailing list archives
Antigen 8.0 for Exchange/SMTP Rule Vulnerability
From: "Alan Monaghan" <AlanM () Gardnerweb com>
Date: Mon, 19 Sep 2005 11:54:05 -0400
======================================================================- Sybari Antigen for SMTP / Exchange Rule / Attachment Pass through -======================================================================1) Affected Software Sybari Antigen v8.0 SR2 for Exchange/SMTPOther versions may also be affected.======================================================================2) Description of VulnerabilityA vulnerability has been discovered in Antigen for Exchange/SMTP, whichcould potentially be exploited by malicious people to compromise avulnerable system.The vulnerability is caused by the way Antigen processes its rules inhandling SMTP messages. A message, containing the Subject line of: "Antigen forwarded attachment" can be exploited to cause Antigen toignore custom filters allowing unwanted file attachments into the emailsystem. This vulnerability does not disable or bypass virus scanning ofattachments.Successful exploitation may allow an unwanted file type to be deliveredinto a user's email inbox.======================================================================3) Solution Update to the latest version via online update.(Antigen v8.0 sr3 for Exchange/SMTP Version 8.00.1517 SR3).======================================================================4) Credits Reported by Alan G. Monaghan, Gardner Publications, Inc. on Thursday,September 01, 2005
Current thread:
- Antigen 8.0 for Exchange/SMTP Rule VulnerabilityAlan Monaghan (Sep 19)