📦

webshield_smtp

Vendor: network_associates

Login to add this product to WatchStack
Actively Exploited 0 CISA KEV List
PoC / Exploits 1 Code Available
Total RCEs 2 Remote Access
Total CVEs 5 Total Indexed
Avg. EPSS 5.18% Exploit Prob.
Latest CVE CVE-2006-0559 Apr 04

Security Vulnerability Index

Page 1 / 1
10.0 CVSS
CVE-2006-0559
RCE

Format string vulnerability in the SMTP server for McAfee WebShield 4.5 MR2 and earlier allows remote attackers to execute arbitrary code via format strings in the domain name portion of a destination address, which are not properly handled when a bounce message is constructed.

EPSS: 19.53%
7.5 CVSS
CVE-2002-1121

SMTP content filter engines, including (1) GFI MailSecurity for Exchange/SMTP before 7.2, (2) InterScan VirusWall before 3.52 build 1494, (3) the default configuration of MIMEDefang before 2.21, and possibly other products, do not detect fragmented emails as defined in RFC2046 ("Message Fragmentation and Reassembly") and supported in such products as Outlook Express, which allows remote attackers to bypass content filtering, including virus checking, via fragmented emails of the message/partial content type.

EPSS: 0.94%
7.5 CVSS
CVE-2001-1542

NAI WebShield SMTP 4.5 and possibly 4.5 MR1a does not filter improperly MIME encoded email attachments, which could allow remote attackers to bypass filtering and possibly execute arbitrary code in email clients that process the invalid attachments.

EPSS: 0.91%
7.5 CVSS
CVE-2001-1456
RCE

Buffer overflow in the (1) smap/smapd and (2) CSMAP daemons for Gauntlet Firewall 5.0 through 6.0 allows remote attackers to execute arbitrary code via a crafted mail message.

EPSS: 9.06%
7.5 CVSS
CVE-2000-1130

McAfee WebShield SMTP 4.5 allows remote attackers to bypass email content filtering rules by including Extended ASCII characters in name of the attachment.

EPSS: 0.32%
5.0 CVSS
CVE-2000-1129
Exploit Found

McAfee WebShield SMTP 4.5 allows remote attackers to cause a denial of service via a malformed recipient field.

EPSS: 4.71%
5.0 CVSS
CVE-2000-0738

WebShield SMTP 4.5 allows remote attackers to cause a denial of service by sending e-mail with a From: address that has a . (period) at the end, which causes WebShield to continuously send itself copies of the e-mail.

EPSS: 0.78%