SMTP Command Execution Vulnerability in Cisco Secure PIX Firewall
CVE-2000-1022

Currently unrated

Key Information:

Vendor: Cisco
Status: Pix Firewall Software
Vendor: CVE Published:; 11 December 2000

Summary

The mailguard feature in Cisco Secure PIX Firewall versions up to 5.2(2) is susceptible to unauthorized access, as it fails to adequately restrict access to SMTP commands. This weakness allows remote attackers to execute restricted commands by strategically sending a DATA command prior to the execution of restricted SMTP commands, potentially compromising the security of the network infrastructure.

References

http://www.securityfocus.com/bid/1698

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/5277

vdb-entryx_refsource_XF

http://www.cisco.com/warp/public/707/PIXfirewallSMTPfilte...

vendor-advisoryx_refsource_CISCO

EPSS Score

7% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Dec 11, 2000
Vulnerability Reserved
Nov 24, 2000