CVE-2000-1022

critical

Description

The mailguard feature in Cisco Secure PIX Firewall 5.2(2) and earlier does not properly restrict access to SMTP commands, which allows remote attackers to execute restricted commands by sending a DATA command before sending the restricted commands.

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/5277

http://www.cisco.com/warp/public/707/PIXfirewallSMTPfilter-pub.shtml

http://archives.neohapsis.com/archives/bugtraq/2000-09/0241.html

http://archives.neohapsis.com/archives/bugtraq/2000-09/0222.html

Details

Source: Mitre, NVD

Published: 2000-12-11

Updated: 2018-10-30

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

Detections

Analytics