Network Associates WebShield SMTP Content Filter Bypass Vulnerability

Network Associates WebShield SMTP is an email virus scanner designed for internet gateways.

The Content Filtering mechanism in WebShield SMTP filters incoming and outgoing email based upon certain criteria set by the administrator such as keywords, file attachment size, and so forth. It is possible to bypass Content Filtering if the email transmitted contains Extended ASCII characters such as ä, å or ö. WebShield SMTP does not properly recognize ISO encoded text such as "=2E" which is the equivalent of a period. This vulnerability does not affect the effectiveness of viral detection in any manner.


Privacy Statement
Copyright 2010, SecurityFocus