Gordano GMS Mail JUCE add-on email filter can be bypassed
gmsmail-juce-filter-bypass (10657)
Description:
GMS Mail (formerly called NTMail) could allow blocked mail to bypass filtering and reach some recipients. If a malicious or "Spam" mail message is sent to more than one recipient served by the GMS Mail server, the message is filtered only for the first recipient listed; all other recipients receive the message. This vulnerability could allow a remote attacker to send malicious emails or "Spam" that bypass the JUCE email filter.
Platforms Affected:
- Gordano Limited, GMS Mail 8
Remedy:
Apply the patch for this vulnerability, as listed in Gordano Knowledge Base Article Q1723. See References.
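An added example (not part of the original advisory or of Gordano's software): a Python check over per-recipient delivery records that flags any message blocked for one recipient yet delivered to others, which is the symptom described above and should no longer appear once the patch is applied. The record layout, message IDs and addresses are constructed, and the check assumes a single server-wide filter policy.

```python
from collections import defaultdict

# Constructed sample records: (message id, local recipient, filter outcome),
# in the order the recipients were listed. This layout is an assumption for
# illustration, not the GMS Mail log format.
SAMPLE_LOG = [
    ("msg-001", "alice@example.test", "blocked"),
    ("msg-001", "bob@example.test", "delivered"),
    ("msg-001", "carol@example.test", "delivered"),
    ("msg-002", "alice@example.test", "delivered"),
    ("msg-002", "bob@example.test", "delivered"),
    ("msg-003", "dave@example.test", "blocked"),
    ("msg-004", "alice@example.test", "blocked"),
    ("msg-004", "bob@example.test", "blocked"),
]


def split_verdicts(records):
    """Return {message_id: [recipients who received it]} for every message
    that was blocked for at least one recipient yet delivered to another."""
    outcomes = defaultdict(lambda: {"blocked": [], "delivered": []})
    for msg_id, rcpt, outcome in records:
        if outcome not in ("blocked", "delivered"):
            raise ValueError(f"unknown outcome {outcome!r} for {msg_id}")
        outcomes[msg_id][outcome].append(rcpt)
    return {
        msg_id: sorted(o["delivered"])
        for msg_id, o in outcomes.items()
        if o["blocked"] and o["delivered"]
    }


def first_recipient_only(records):
    """Narrow the split verdicts to the advisory's pattern: the first listed
    recipient was filtered and every later recipient got the message."""
    order = defaultdict(list)
    for msg_id, _rcpt, outcome in records:
        order[msg_id].append(outcome)
    return sorted(
        msg_id for msg_id in split_verdicts(records)
        if order[msg_id][0] == "blocked"
        and all(o == "delivered" for o in order[msg_id][1:])
    )


if __name__ == "__main__":
    for msg_id, rcpts in split_verdicts(SAMPLE_LOG).items():
        print(f"{msg_id}: filter verdict not applied to {', '.join(rcpts)}")
```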
Consequences:
Bypass Security
References:
- Gordano Knowledge Base Article Q1723, Why do malformed MIME messages pass the GMS Anti-spam attachment blocking? at http://www.gordano.com/kb.htm?q=1723.
- Gordano Web site, Gordano Mail Server Technology at http://www.gordano.com/Technology/Mail.htm.
- BID-6209: Gordano NTMail JUCE Email Filter Weakness
- CVE-2002-2408: Gordano Messaging Server (GMS) Mail 8 (a.k.a. NTMail) only filters email messages for the first recipient, which allows remote attackers to bypass JUCE filters by sending a message to more than one user on the GMS server.
- SECTRACK ID: 1005650: Gordano GMS Mail (NTMail) `JUCE` Mail Filter Fails to Properly Block Mail
Reported:
Nov 18, 2002
Copyright (c) 1994-2008 Internet Security Systems, Inc. All rights reserved worldwide.
