MAILsweeper Archive File Filtering Bypass

This script is Copyright (C) 2004-2011 Tenable Network Security, Inc.


Synopsis :

The remote SMTP server has a security bypass vulnerability.

Description :

The remote host is running MAILsweeper - a content security solution
for SMTP.

According to its banner, the remote version of MAILsweeper may allow
an attacker to bypass the archive filtering settings of the remote
server by sending an archive in the format 7ZIP, ACE, ARC, BH, BZIP2,
HAP, IMG, PAK, RAR or ZOO.

See also :

http://archives.neohapsis.com/archives/ntbugtraq/2003-q1/0141.html

Solution :

Upgrade to MAILsweeper 4.3.15 or later.

Risk factor :

High / CVSS Base Score : 7.5
(CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVSS Temporal Score : 7.5
(CVSS2#E:H/RL:U/RC:ND)
Public Exploit Available : true

Family: Misc.

Nessus Plugin ID: 14360 (mailsweeper_archive_filtering.nasl)

Bugtraq ID: 10940

CVE ID: CVE-2003-0922
CVE-2003-0929
CVE-2003-0930