MAILsweeper Archive File Filtering Bypass

High Nessus Plugin ID 14360


The remote SMTP server has a security bypass vulnerability.


The remote host is running MAILsweeper - a content security solution for SMTP.

According to its banner, the remote version of MAILsweeper may allow an attacker to bypass the archive filtering settings of the remote server by sending an archive in the format 7ZIP, ACE, ARC, BH, BZIP2, HAP, IMG, PAK, RAR or ZOO.


Upgrade to MAILsweeper 4.3.15 or later.

See Also

Plugin Details

Severity: High

ID: 14360

File Name: mailsweeper_archive_filtering.nasl

Version: $Revision: 1.11 $

Type: remote

Family: Misc.

Published: 2004/08/23

Modified: 2016/11/19

Dependencies: 10263, 10249

Risk Information

Risk Factor: High


Base Score: 7.5

Temporal Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:H/RL:U/RC:ND

Vulnerability Information

Exploit Available: true

Exploit Ease: No exploit is required

Vulnerability Publication Date: 2004/08/13

Reference Information

CVE: CVE-2003-0922, CVE-2003-0929, CVE-2003-0930

BID: 10940

OSVDB: 8844

Secunia: 12301