Table of Contents
Advertisement
SMTP:COMMAND:EXPN
SMTP:COMMAND:TURN
SMTP:COMMAND:VRFY
SMTP:COMMAND:WIZ
SMTP:EMAIL:EUDORA-SPOOF3
SMTP:EMAIL:EUDORA-SPOOF4
SMTP:EMAIL:HEADER-FROM-PIPE
SMTP:EMAIL:HEADER-TO-PIPE
SMTP:EMAIL:MAIL-FROM-PIPE
Copyright © 2010, Juniper Networks, Inc.
This protocol anomaly is an attempt to use the EXPN
command. This command is not used by most standard
clients and servers and may reveal information about e-mail
accounts.
This protocol anomaly is an attempt to use the TURN
command that exchanges the roles of the e-mail client and
server. You may want to ban this command and drop the
connection, or edit the SMTP attack objects and change
their direction to 'BOTH.
This protocol anomaly is an attempt to use the SMTP VRFY
command. This command is not used by most standard
clients and servers and may reveal sensitive information
about e-mail accounts.
This signature detects attempts to determine if the SMTP
server supports the "WIZ" command, which may provide
anonymous root access.
This signature detects attempts to spoof an e-mail
attachment. Eudora Windows versions prior to up to 6.0.3
are vulnerable. Attackers may send a maliciously crafted
e-mail with an illegal "Attachment Converted:" line in the
message body to spoof attachments, which can lead to
remote code execution.
This signature detects attempts to spoof an e-mail
attachment. Eudora Windows 6.2.0.7 and earlier versions
are vulnerable. Attackers may send a maliciously crafted
e-mail with an illegal "Attachment Converted:" line in the
message body to spoof attachments, which can enable
remote code execution.
This signature detects attempts to send shell commands
via an SMTP e-mail message by exploiting the pipe
passthrough vulnerability. Attackers may use the invalid
"from |" as the return e-mail address to cause Sendmail to
reroute data to another program.
This signature detects attempts to send shell commands
via an SMTP e-mail message by exploiting the pipe
passthrough vulnerability. Attackers may use the invalid 'to
|' as the return e-mail address to cause Sendmail to reroute
data to another program.
This signature detects attempts to send shell commands
via an SMTP e-mail message by exploiting the pipe
passthrough vulnerability. Attackers may use the invalid
"mail from |" as the return e-mail address to cause Sendmail
to reroute data to another program.
Appendix E: Log Entries
medium
sos5.0.0,
sos5.1.0
'medium
sos5.1.0
medium
sos5.0.0,
sos5.1.0
critical
sos5.0.0,
sos5.1.0
medium
sos5.1.0
medium
sos5.1.0
medium
sos5.0.0,
sos5.1.0
medium
sos5.0.0,
sos5.1.0
medium
sos5.0.0,
sos5.1.0
917
Advertisement
Table of Contents
Related Manuals for Juniper NETWORK AND SECURITY MANAGER 2010.3 - ADMINISTRATION GUIDE REV1
Related Products for Juniper NETWORK AND SECURITY MANAGER 2010.3 - ADMINISTRATION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.3 - CONFIGURING INTRUSION DETECTION AND PREVENTION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING INTRUSION DETECTION PREVENTION DEVICES GUIDE REV 01
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - API GUIDE REV 1
- Juniper NETWORK AND SECURITY MANAGER 2010.3 - M-SERIES AND MX-SERIES DEVICES GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.2 - ADMINISTRATION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - CONFIGURING J SERIES SERVICES ROUTERS AND SRX SERIES SERVICES GATEWAYS GUIDE REV
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - ADMININISTRATION GUIDE REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - NSMXPRESS SERIES II REV 1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - REV1
- Juniper NETWORK AND SECURITY MANAGER 2010.4 - M-SERIES AND MX-SERIES DEVICES GUIDE REV 1
- Juniper NETWORK AND SECURITY MANAGER 2010.2
- Juniper MEDIA FLOW MANAGER 2.0.2 - ADMINISTRATOR S GUIDE AND CLI
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 - CATEGORY OFFENSE INVESTIGATION GUIDE REV 1
- Juniper SECURITY THREAT RESPONSE MANAGER 2008.2 R2 - LOG MANAGEMENT ADMINISTRATION GUIDE REV 1
- Juniper MEDIA FLOW CONTROLLER 2.0.5
- Juniper 200 Series