Detections
Analytics

McAfee WebShield SMTP 4.5 Multiple Vulnerabilities

high Nessus Plugin ID 10557

Synopsis

The remote service is vulnerable to multiple issues.

Description

The remote WebShield server is subject to two flaws :

 - It may let mail pass against some filter rules if the attached files names have some strange chars in them
 - It is possible for an outsider to crash this program and force its reinstallation

*** Nessus did not actually test for these flaws - it just relied
*** on the banner to identify them. Therefore, this warning may be
*** a false positive

Solution

Contact the vendor for the fixed version of WebShield (later than 4.5).

See Also

https://seclists.org/bugtraq/2000/Nov/332

http://www.nessus.org/u?c39082d6

Plugin Details

Severity: High

ID: 10557

File Name: webshield.nasl

Version: 1.27

Type: remote

Published: 11/27/2000

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.5

CVSS v2

Risk Factor: High

Base Score: 7.5

Temporal Score: 5.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Vulnerability Information

Exploit Ease: No known exploits are available

Vulnerability Publication Date: 8/18/2000

Reference Information

CVE: CVE-2000-0738, CVE-2000-1130

BID: 1589, 1993