CVE-2009-1240

Unspecified vulnerability in the IBM Proventia engine 4.9.0.0.44 20081231, as used in IBM Proventia Network Mail Security System, Network Mail Security System Virtual Appliance, Desktop Endpoint Security, Network Multi-Function Security (MFS), and possibly other products, allows remote attackers to bypass detection of malware via a modified RAR archive.

CVSS v2.0 10.0 HIGH

10.0^/10

CVSS v2.0 : HIGH

Vector : AV:N/AC:L/Au:N/C:C/I:C/A:C

Exploitability : 10.0 / Impact : 10.0

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

References

Link	Resource
http://blog.zoller.lu/2009/04/ibm-proventia-evasion-limited-details.html
http://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_faqid=5417
http://www.securityfocus.com/archive/1/502369/100/0/threaded
http://www.securityfocus.com/archive/1/504987/100/0/threaded
http://www.securityfocus.com/archive/1/504992/100/0/threaded
http://www.securityfocus.com/archive/1/504995/100/0/threaded
http://www.securityfocus.com/bid/34345

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:ibm:proventia_desktop_endpoint_security::::::::
	cpe:2.3:a:ibm:proventia_network_mail_security_system::::::::
	cpe:2.3:h:ibm:network_multi-function_security::::::::
	cpe:2.3:h:ibm:proventia_network_mail_security_system_virtual_appliance::::::::

History

No history.

Information

Published : 2009-04-03 18:30

Updated : 2024-02-04 17:33

NVD link : CVE-2009-1240

Mitre link : CVE-2009-1240

CVE.ORG link : CVE-2009-1240

JSON object : View

Products Affected

ibm

proventia_network_mail_security_system
network_multi-function_security
proventia_desktop_endpoint_security
proventia_network_mail_security_system_virtual_appliance

CWE

NVD-CWE-noinfo

{"id": "CVE-2009-1240", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 10.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "LOW", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2009-04-03T18:30:00.657", "references": [{"url": "http://blog.zoller.lu/2009/04/ibm-proventia-evasion-limited-details.html", "source": "cve@mitre.org"}, {"url": "http://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_faqid=5417", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/502369/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/504987/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/504992/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/archive/1/504995/100/0/threaded", "source": "cve@mitre.org"}, {"url": "http://www.securityfocus.com/bid/34345", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the IBM Proventia engine 4.9.0.0.44 20081231, as used in IBM Proventia Network Mail Security System, Network Mail Security System Virtual Appliance, Desktop Endpoint Security, Network Multi-Function Security (MFS), and possibly other products, allows remote attackers to bypass detection of malware via a modified RAR archive."}, {"lang": "es", "value": "Una vulnerabilidad no especificada en el motor Proventia de IBM versi\u00f3n 4.9.0.0.44 20081231, tal y como es usado en Proventia Network Mail Security System , Network Mail Security System Virtual Appliance, Desktop Endpoint Security, Network Multi-Function Security (MFS), y posiblemente otros productos de IBM, permite a los atacantes remotos omitir la detecci\u00f3n de malware por medio de un archivo RAR modificado."}], "lastModified": "2018-10-10T19:35:20.043", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:ibm:proventia_desktop_endpoint_security:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B77F1551-5C37-4D5B-AC86-C2965083B93D"}, {"criteria": "cpe:2.3:a:ibm:proventia_network_mail_security_system:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C520BF35-8406-44E3-8FC6-D8BD7242D13B"}, {"criteria": "cpe:2.3:h:ibm:network_multi-function_security:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F24569C0-A783-4CFC-9A74-794DBA96E719"}, {"criteria": "cpe:2.3:h:ibm:proventia_network_mail_security_system_virtual_appliance:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3F19781E-ECC4-40A0-8027-2DC059FB989E"}], "operator": "OR"}]}], "evaluatorComment": "Per: http://iss.custhelp.com/cgi-bin/iss.cfg/php/enduser/std_adp.php?p_faqid=5417\r\n\r\nAlthough the Virus Prevention System technology was, at one time, incorporated into the IBM Proventia Network MFS and the Proventia Network Mail appliances, this capability was removed in Jan 2008. For this reason, this vulnerability does not apply to these product lines.\r\n\r\nThe Virus Prevention System technology is currently incorporated into Proventia Desktop. However, the Proventia Desktop product is not affected by this evasion.\r\n\r\nNo other IBM ISS products currently incorporate the Virus Prevention System technology.", "sourceIdentifier": "cve@mitre.org"}