Clearswift MailSweeper附录文件名验证漏洞

漏洞信息详情

Clearswift MailSweeper附录文件名验证漏洞

• CNNVD编号：CNNVD-200312-120
• 危害等级： 中危
  
  
• CVE编号：
  CVE-2003-1485
  
• 漏洞类型：
  
  
  输入验证
  
• 发布时间：
  
  2003-12-31
  
• 威胁类型：
  
  
  远程
  
• 更新时间：
  
  2003-12-31
  
• 厂        商：
  
  clearswift
• 漏洞来源：
  Clearswift

Clearswift MAILsweeper 4.0 到4.3.7版本存在漏洞。远程攻击者借助包含“multiple extensions combined with large blocks of white space”的文件附录绕过滤波。

The vendor has released fixes to address this issue. A patch available to upgrade the system to 4.3.8 can only be applied to the 4.3.7 release of the software. More information is available from the vendor, and also the referenced bug report link.
Clearswift MailSweeper 4.0

• Clearswift MailSweeper 4.3.8
  
  http://www.clearswift.com

Clearswift MailSweeper 4.1

• Clearswift MailSweeper 4.3.8
  
  http://www.clearswift.com

Clearswift MailSweeper 4.2

• Clearswift MailSweeper 4.3.8
  
  http://www.clearswift.com

Clearswift MailSweeper 4.3

• Clearswift MailSweeper 4.3.8
  
  http://www.clearswift.com

Clearswift MailSweeper 4.3.3

• Clearswift MailSweeper 4.3.8
  
  http://www.clearswift.com

Clearswift MailSweeper 4.3.4

• Clearswift MailSweeper 4.3.8
  
  http://www.clearswift.com

Clearswift MailSweeper 4.3.5

• Clearswift MailSweeper 4.3.8
  
  http://www.clearswift.com

Clearswift MailSweeper 4.3.6 SP1

• Clearswift MailSweeper 4.3.8
  
  http://www.clearswift.com

Clearswift MailSweeper 4.3.6

• Clearswift MailSweeper 4.3.8
  
  http://www.clearswift.com

Clearswift MailSweeper 4.3.7

• Clearswift MailSweeper 4.3.8
  
  http://www.clearswift.com

来源: BID
名称: 7568
链接:http://www.securityfocus.com/bid/7568