Details of VAR-200312-0352

ID

VAR-200312-0352

CVE

CVE-2003-1449

TITLE

Aladdin Knowledge Systems eSafe OPSEC CVP Virus scanning can bypass the vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-200312-171

DESCRIPTION

Aladdin Knowlege Systems eSafe Gateway 3.5.126.0 does not check the entire stream of Content Vectoring Protocol (CVP) data, which allows remote attackers to bypass virus protection. It has been reported that under some circumstances, eSafe Gateway does not properly scan messages in transit. This problem occurs when data is passed to eSafe via a Check Point OPSEC CVP compliant firewall. Because of this, malicious code may be able to circumvent the filters imposed by the software and enter, or exit the network. This could lead to further compromise of network resources. A remote attacker can exploit this vulnerability to bypass virus filtering. When Checkpoint installed with Feature Pack 3 receives more than 2M files, the scanning program will be unstable during CVP inspection. For example, if the SMTP message exceeds 2MB, FW-1 will perform the following operations: 1. Put the information into the buffer pool. 2. Send data to the CVP server. 3. It will stop when sending 1MB or nearly 2MB of data. 4. Sending will resume after 5 minutes. 5. The CVP server allows data to be placed in spool\d_resend and enters a loop operation until the information is marked as expired

Trust: 1.26

sources: NVD: CVE-2003-1449 // BID: 6787 // VULHUB: VHN-8274

AFFECTED PRODUCTS

vendor:	aladdin knowledge	model:	esafe gateway	scope:	eq	version:	3.5.126.0	Trust: 1.6
vendor:	aladdin	model:	knowledge systems esafe gateway	scope:	eq	version:	3.5	Trust: 0.3
vendor:	aladdin	model:	knowledge systems esafe gateway	scope:	eq	version:	3.0	Trust: 0.3

sources: BID: 6787 // CNNVD: CNNVD-200312-171 // NVD: CVE-2003-1449

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2003-1449
value:	HIGH
Trust: 1.0
CNNVD:	CNNVD-200312-171
value:	HIGH
Trust: 0.6
VULHUB:	VHN-8274
value:	HIGH
Trust: 0.1

nvd@nist.gov:	CVE-2003-1449
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 1.0
VULHUB:	VHN-8274
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.0
Trust: 0.1

sources: VULHUB: VHN-8274 // CNNVD: CNNVD-200312-171 // NVD: CVE-2003-1449

PROBLEMTYPE DATA

problemtype:

CWE-16

Trust: 1.1

sources: VULHUB: VHN-8274 // NVD: CVE-2003-1449

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-200312-171

TYPE

Configuration Error

Trust: 0.9

sources: BID: 6787 // CNNVD: CNNVD-200312-171

EXTERNAL IDS

db:	BID	id:	6787	Trust: 2.0
db:	NVD	id:	CVE-2003-1449	Trust: 1.7
db:	CNNVD	id:	CNNVD-200312-171	Trust: 0.7
db:	BUGTRAQ	id:	20030206 FW-1 NG FP3 BUG - DATA FLOW PROBLEM WHEN TRANSFERRING LARGE FILES	Trust: 0.6
db:	XF	id:	11295	Trust: 0.6
db:	NSFOCUS	id:	4335	Trust: 0.6
db:	VULHUB	id:	VHN-8274	Trust: 0.1

sources: VULHUB: VHN-8274 // BID: 6787 // CNNVD: CNNVD-200312-171 // NVD: CVE-2003-1449

REFERENCES

url:	http://www.securityfocus.com/bid/6787	Trust: 1.7
url:	http://archives.neohapsis.com/archives/bugtraq/2003-02/0088.html	Trust: 1.7
url:	https://exchange.xforce.ibmcloud.com/vulnerabilities/11295	Trust: 1.1
url:	http://xforce.iss.net/xforce/xfdb/11295	Trust: 0.6
url:	http://www.nsfocus.net/vulndb/4335	Trust: 0.6
url:	http://www.aladdin.com/esafe/	Trust: 0.3
url:	/archive/1/310699	Trust: 0.3

sources: VULHUB: VHN-8274 // BID: 6787 // CNNVD: CNNVD-200312-171 // NVD: CVE-2003-1449

CREDITS

Igor U.Miturin※ imiturin@russlavbank.com

Trust: 0.6

sources: CNNVD: CNNVD-200312-171

SOURCES

db:	VULHUB	id:	VHN-8274
db:	BID	id:	6787
db:	CNNVD	id:	CNNVD-200312-171
db:	NVD	id:	CVE-2003-1449

LAST UPDATE DATE

2024-08-14T15:20:18.286000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-8274	date:	2017-07-29T00:00:00
db:	BID	id:	6787	date:	2003-02-06T00:00:00
db:	CNNVD	id:	CNNVD-200312-171	date:	2003-12-31T00:00:00
db:	NVD	id:	CVE-2003-1449	date:	2017-07-29T01:29:12.263

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-8274	date:	2003-12-31T00:00:00
db:	BID	id:	6787	date:	2003-02-06T00:00:00
db:	CNNVD	id:	CNNVD-200312-171	date:	2003-02-06T00:00:00
db:	NVD	id:	CVE-2003-1449	date:	2003-12-31T05:00:00