CVE-2002-1839
https://notcve.org/view.php?id=CVE-2002-1839
Trend Micro InterScan VirusWall for Windows NT 3.52 does not record the sender's IP address in the headers for a mail message when it is passed from VirusWall to the MTA, which allows remote attackers to hide the origin of the message. • http://online.securityfocus.com/archive/1/274144 http://www.iss.net/security_center/static/9168.php http://www.securityfocus.com/bid/4830 •
CVE-2002-2395
https://notcve.org/view.php?id=CVE-2002-2395
InterScan VirusWall 3.52 for Windows allows remote attackers to bypass virus protection and possibly execute arbitrary code via HTTP 1.1 gzip content encoding. • http://www.iss.net/security_center/static/10107.php http://www.securityfocus.com/archive/1/291538 http://www.securityfocus.com/bid/5701 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2002-1121
https://notcve.org/view.php?id=CVE-2002-1121
SMTP content filter engines, including (1) GFI MailSecurity for Exchange/SMTP before 7.2, (2) InterScan VirusWall before 3.52 build 1494, (3) the default configuration of MIMEDefang before 2.21, and possibly other products, do not detect fragmented emails as defined in RFC2046 ("Message Fragmentation and Reassembly") and supported in such products as Outlook Express, which allows remote attackers to bypass content filtering, including virus checking, via fragmented emails of the message/partial content type. motores de filtrado de contenido SMTP, incluyendo GFI MailSecurity para Exchange/SMTP anteriores a 7.2 InterScan VirusWall anteriores a 3.52 compilación 1494 la configuración por defecto de MIMEDefang anteriores a 2.21 y posiblemente otros productos, no detectan correos electrónicos fragmentados como se define en la RFC2046 ("Fragmentación y ensamblaje de Mensajes"), y soportado en productos como Outlook Express, lo que permite a atacantes remotos evitar el filtrado de contenido, incluyendo la comprobación de virus, mediante correos fragmentados con el tipo de contenido message/partial. • http://archives.neohapsis.com/archives/bugtraq/2002-09/0134.html http://archives.neohapsis.com/archives/bugtraq/2002-09/0135.html http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0113.html http://marc.info/?l=bugtraq&m=103184267105132&w=2 http://marc.info/?l=bugtraq&m=103184501408453&w=2 http://www.iss.net/security_center/static/10088.php http://www.kb.cert.org/vuls/id/836088 http://www.securiteam.com/securitynews/5YP0A0K8CM.html http://www.securityfocus.com/bid& •
CVE-2002-0637 – Trend Micro Interscan VirusWall for Windows NT 3.52 - Space Gap Scan Bypass
https://notcve.org/view.php?id=CVE-2002-0637
InterScan VirusWall 3.52 build 1462 allows remote attackers to bypass virus protection via e-mail messages with headers that violate RFC specifications by having (or missing) space characters in unexpected places (aka "space gap"), such as (1) Content-Type :", (2) "Content-Transfer-Encoding :", (3) no space before a boundary declaration, or (4) "boundary= ", which is processed by Outlook Express. Interscan VirusWall build 1462 permite a atacantes remotos evadir la protección mediante mensajes de correo con cabeceras que no cumplen la especificaciónes RFC por tener (o faltarle) caractéres de espacio en lugares inesperados (también conocido como "space gap"); como en: "Content-Type :" "Content-Transfer-Encoding :" Sin espacio antes de una declaración de límites, o "boundary= ", que es procesado por Outlook Express. • https://www.exploit-db.com/exploits/21625 http://www.iss.net/security_center/static/9464.php http://www.securiteam.com/securitynews/5KP000A7QE.html •
CVE-2002-0440 – Trend Micro Interscan VirusWall 3.5/3.6 - Content-Length Scan Bypass
https://notcve.org/view.php?id=CVE-2002-0440
Trend Micro InterScan VirusWall HTTP proxy 3.6 with the "Skip scanning if Content-length equals 0" option enabled allows malicious web servers to bypass content scanning via a Content-length header set to 0, which is often ignored by HTTP clients. • https://www.exploit-db.com/exploits/21339 http://seclists.org/lists/bugtraq/2002/Mar/0162.html http://www.inside-security.de/vwall_cl0.html http://www.iss.net/security_center/static/8425.php http://www.securityfocus.com/bid/4265 •