CVE

Id
5027  
CVE No.
CVE-2002-0637  
Status
Candidate  
Description
InterScan VirusWall 3.52 build 1462 allows remote attackers to bypass virus protection via e-mail messages with headers that violate RFC specifications by having (or missing) space characters in unexpected places (aka "space gap"), such as (1) Content-Type :", (2) "Content-Transfer-Encoding :", (3) no space before a boundary declaration, or (4) "boundary= ", which is processed by Outlook Express.  
Phase
Modified (20071101)  
Votes
ACCEPT(1) Baker | MODIFY(1) Frech | NOOP(6) Armstrong, Christey, Cole, Cox, Foat, Wall  
Comments
Christey> BID:5259 | URL:http://online.securityfocus.com/bid/5259 | CONFIRM:http://solutionbank.antivirus.com/solutions/solutionDetail.asp?solutionId=11948 | | According to Axel Pettinger, Solaris 3.7 build 1070 | is affected by the "boundary space (trailing)" and "Boundary | Space (prefix)" problems, but not the content-type or transfer | encoding issues. That version clearly has some overlap with | this issue, but since a different build and version number are | affected, perhaps a separate candidate needs to be created. | More information on that issue is at: | http://solutionbank.antivirus.com/solutions/solutiondetail.asp?solutionID=12142 | | Baker> http://solutionbank.antivirus.com/solutions/solutionDetail.asp?solutionID=11948 | Frech> XF:interscan-viruswall-protection-bypass(9464)  

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
26007 5027 CVE-2002-0637 MISC:http://www.securiteam.com/securitynews/5KP000A7QE.html  View
26008 5027 CVE-2002-0637 XF:interscan-viruswall-protection-bypass(9464)  View

Related JVN