MAILsweeper Archive File Filtering Bypass
High Nessus Plugin ID 14360
SynopsisThe remote SMTP server has a security bypass vulnerability.
DescriptionThe remote host is running MAILsweeper - a content security solution for SMTP.
According to its banner, the remote version of MAILsweeper may allow an attacker to bypass the archive filtering settings of the remote server by sending an archive in the format 7ZIP, ACE, ARC, BH, BZIP2, HAP, IMG, PAK, RAR or ZOO.
SolutionUpgrade to MAILsweeper 4.3.15 or later.