Cisco PIX Firewall Mailguard Feature SMTP Content Filter Bypass

This script is Copyright (C) 2000-2012 Tenable Network Security, Inc.


Synopsis :

The remote service is vulnerable to an access control breach.

Description :

The remote SMTP server seems to be protected by a content
filtering firewall probably Cisco's PIX.

However, an attacker may bypass this content filtering
by issuing a DATA command before a MAIL command,
that allows him to directly communicate with the real SMTP daemon.

See also :

http://archives.neohapsis.com/archives/bugtraq/2000-09/0241.html

Solution :

http://www.nessus.org/u?236b35d2

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 7.1
(CVSS2#E:F/RL:U/RC:ND)

Family: Firewalls

Nessus Plugin ID: 10520 ()

Bugtraq ID: 1698

CVE ID: CVE-2000-1022