Cisco PIX Firewall Mailguard Feature SMTP Content Filter Bypass

High Nessus Plugin ID 10520


The remote service is vulnerable to an access control breach.


The remote SMTP server seems to be protected by a content filtering firewall probably Cisco's PIX.

However, an attacker may bypass this content filtering by issuing a DATA command before a MAIL command, that allows him to directly communicate with the real SMTP daemon.


See Also

Plugin Details

Severity: High

ID: 10520

File Name: smtp_bypass_cisco.nasl

Version: $Revision: 1.24 $

Type: remote

Family: Firewalls

Published: 2000/10/04

Modified: 2016/12/09

Dependencies: 10249, 10263, 17975

Risk Information

Risk Factor: High


Base Score: 7.5

Temporal Score: 7.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:F/RL:U/RC:ND

Vulnerability Information

Excluded KB Items: SMTP/wrapped, SMTP/qmail, SMTP/postfix

Vulnerability Publication Date: 2000/09/19

Reference Information

CVE: CVE-2000-1022

BID: 1698

OSVDB: 419