Print Page | Close Window

CVE-1999-0203

Printed From: LogSat Software
Category: Spam Filter ISP
Forum Name: Spam Filter ISP Support
Forum Description: General support for Spam Filter ISP
URL: https://www.logsat.com/spamfilter/forums/forum_posts.asp?TID=3654
Printed Date: 03 June 2025 at 6:55am


Topic: CVE-1999-0203
Posted By: Guests
Subject: CVE-1999-0203
Date Posted: 27 May 2004 at 2:03pm
When scanning my "LogSat Spam" server for security vulnerabilities, I receive a vulnerability CVE-1999-0203 (ref link):

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=1999-0203" CLASS="ASPForums" TITLE="WARNING: URL created by poster. - http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=1999-0203

How can I fix this and/or document that it is a false positive?


Replies:
Posted By: LogSat
Date Posted: 27 May 2004 at 11:39pm

LoBrien,

As the Mitre link you sent explains, the vulnerability only affects certain versions of SendMail. SpamFilter ISP is not based on Sendmail and is thus immune to that attack.

Your vulnerability scanner misinterpreted the response SpamFilter provided when it sent SpamFilter a malformatted rcpt to command followed by a specific sequence of bytes. You may want to inform the vendor of the false positives you received so they can fine tune their detection signature for this vulnerability.

You'll find more detailed explanation that Mitre provides, along with some sample signatures and vulnerable Sendmail versions http://www.snort.org/snort-db/sid.html?sid=664" CLASS="ASPForums" TITLE="WARNING: URL created by poster. - here (Snort.org) and http://www.whitehats.com/info/IDS121" CLASS="ASPForums" TITLE="WARNING: URL created by poster. - here (Whitehats)

Roberto F.
LogSat Software

 


Print Page | Close Window