Network Associates WebShield SMTP Malformed Mime Header Vulnerability

WebShield SMTP is a gateway product designed to parse and scan incoming email for malicious content, including virus and worm attachments. MIME is a standard encoding scheme used for multi-part messages, including file attachments in email.

The MIME encoded file attachments that do not follow the MIME specification may not be recognized as attachments by WebShield. Some email clients, however, will recognize these malformed MIME encodings as valid, treating this content as a valid file attachment.

As WebShield does not recognize the content as an attachment, it is not subject to file based content filtering rules. Additionally, it will not be passed to the virus scanner.

Older versions of WebShield may also be vulnerable.


Privacy Statement
Copyright 2010, SecurityFocus