CVE-2000-1244
published 2000-12-31CVE-2000-1244: Computer Associates InoculateIT Agent for Exchange Server does not recognize an e-mail virus attachment if the SMTP header is missing the "From" field, which…
PriorityP429high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
2.41%
82.0th percentile
Computer Associates InoculateIT Agent for Exchange Server does not recognize an e-mail virus attachment if the SMTP header is missing the "From" field, which allows remote attackers to bypass virus protection.
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
HP-UX 11 / Linux Kernel 2.4 / Windows 2000/NT 4.0 / IRIX 6.5 - Small TCP MSS Denial of Service
exploitdb·2001-07-07
CVE-2001-1244 HP-UX 11 / Linux Kernel 2.4 / Windows 2000/NT 4.0 / IRIX 6.5 - Small TCP MSS Denial of Service
HP-UX 11 / Linux Kernel 2.4 / Windows 2000/NT 4.0 / IRIX 6.5 - Small TCP MSS Denial of Service
---
/*
source: https://www.securityfocus.com/bid/2997/info
A potential denial of service vulnerability exists in several TCP stack implementations.
TCP has a MSS (maximum segment size) option that is used by a TCP client to announce to a peer the maximum amount of TCP data that can be sent per segment. The potential for attacks exists because in many cases only a small minimum value is enforced for the MSS.
By setting the MSS to a low value (such as 1) and making requests for large amounts of data through a TCP service, an attacker could effectively cause a denial of service by causing a large workload on a system.
*/
/*
* (C)Copyright 2001 Darren Reed.
*
* maxseg.c
*/
#include
#include
#i
Exploit-DB
Computer Associates InoculateIT 4.53 - Microsoft Exchange Agent
exploitdb·2000-11-10
CVE-2000-1244 Computer Associates InoculateIT 4.53 - Microsoft Exchange Agent
Computer Associates InoculateIT 4.53 - Microsoft Exchange Agent
---
source : https://www.securityfocus.com/bid/1935/info
InoculateIT 4.52 is a popular antivirus agent for Microsoft Exchange Servers.
A vulnerability exists in the InoculateIT Agent for MS Exchange that can allow a local attacker to pass a virus through both the agent and MS Exchange Server. There are reportedly numerous methods by which this can be accomplished, one of which is to remove the "From:" field in a infected message (MIME attachment included) and submit the message to the Exchange server. The Inoculate Agent will not detect the infected file when it is submitted in this manner.
If different organizations are using MS Exchange Server and InoculateIT Agents (with MS IMC being used to send the messages) the foll
No writeups or analysis indexed.
2000-12-31
Published