CVE-2002-1121
published 2002-09-24CVE-2002-1121: SMTP content filter engines, including (1) GFI MailSecurity for Exchange/SMTP before 7.2, (2) InterScan VirusWall before 3.52 build 1494, (3) the default…
PriorityP431high7.5CVSS 2.0
AVNACLAuNCPIPAP
EPSS
6.67%
93.1th percentile
SMTP content filter engines, including (1) GFI MailSecurity for Exchange/SMTP before 7.2, (2) InterScan VirusWall before 3.52 build 1494, (3) the default configuration of MIMEDefang before 2.21, and possibly other products, do not detect fragmented emails as defined in RFC2046 ("Message Fragmentation and Reassembly") and supported in such products as Outlook Express, which allows remote attackers to bypass content filtering, including virus checking, via fragmented emails of the message/partial content type.
Affected
11 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| gfi | mailsecurity | — | — |
| network_associates | webshield_smtp | — | — |
| network_associates | webshield_smtp | — | — |
| network_associates | webshield_smtp | — | — |
| network_associates | webshield_smtp | — | — |
| roaring_penguin | canit | — | — |
| roaring_penguin | mimedefang | — | — |
| roaring_penguin | mimedefang | — | — |
| trend_micro | interscan_viruswall | — | — |
| trend_micro | interscan_viruswall | — | — |
| trend_micro | interscan_viruswall | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
http://archives.neohapsis.com/archives/bugtraq/2002-09/0134.htmlhttp://archives.neohapsis.com/archives/bugtraq/2002-09/0135.htmlhttp://archives.neohapsis.com/archives/vulnwatch/2002-q3/0113.htmlhttp://marc.info/?l=bugtraq&m=103184267105132&w=2http://marc.info/?l=bugtraq&m=103184501408453&w=2http://www.iss.net/security_center/static/10088.phphttp://www.kb.cert.org/vuls/id/836088http://www.securiteam.com/securitynews/5YP0A0K8CM.htmlhttp://www.securityfocus.com/bid/5696http://archives.neohapsis.com/archives/bugtraq/2002-09/0134.htmlhttp://archives.neohapsis.com/archives/bugtraq/2002-09/0135.htmlhttp://archives.neohapsis.com/archives/vulnwatch/2002-q3/0113.htmlhttp://marc.info/?l=bugtraq&m=103184267105132&w=2http://marc.info/?l=bugtraq&m=103184501408453&w=2http://www.iss.net/security_center/static/10088.phphttp://www.kb.cert.org/vuls/id/836088http://www.securiteam.com/securitynews/5YP0A0K8CM.htmlhttp://www.securityfocus.com/bid/5696
2002-09-24
Published