Vulnerability Development mailing list archives
RE: Cisco PIX Firewall MailGuard Vulnerability
From: Jerome Tytgat <j.tytgat () energis fr>
Date: Thu, 27 Sep 2001 09:26:31 +0200
Here what i've seen looking in the release notes of the 6.1.1 : CSCdu47003 Yes Able to pass disallowed SMTP command thru PIX, by sending after mail So it looks like if you send commands AFTER the dot, they are not secured. Hum seems that cisco did not remove the last vulnerability but only moved it further. But I was not able to confirm this (with a 5.3.1). _______________________________________________________________ ENERGIS Jerome Tytgat Network and Security Administrator mailto:j.tytgat () energis fr http://www.energis.fr tel : (33) 03 88 78 77 77 2, rue paul Rohmer fax : (33) 03 88 78 80 00 F-67087 Strasbourg Cedex 2 _______________________________________________________________
Current thread:
- Cisco PIX Firewall MailGuard Vulnerability Fabio Pietrosanti (naif) (Sep 25)
- RE: Cisco PIX Firewall MailGuard Vulnerability Jerome Tytgat (Sep 25)
- Re: Cisco PIX Firewall MailGuard Vulnerability Fabio Pietrosanti (naif) (Sep 26)
- RE: Cisco PIX Firewall MailGuard Vulnerability Jerome Tytgat (Sep 27)
- Re: Cisco PIX Firewall MailGuard Vulnerability Fabio Pietrosanti (naif) (Sep 26)
- RE: Cisco PIX Firewall MailGuard Vulnerability Jerome Tytgat (Sep 25)