VULHUB ™

A vulnerability has been discovered in Gordano Mail Server which may allow an attacker to send email messages which bypass 'rwords' filtering. It is possible to bypass filters by constructing an email containing a target user's email address in both the TO: and FROM: fields. Additionally, by using the 'everyone' user defined by GMS, it may be possible for an attacker to send unsolicited mail, which bypasses filtering, to all users located in a target domain. This issue may be exploited to create an anonymous platform for virus distribution or sending unsolicited email to users of the vulnerable server.

A vulnerability has been discovered in Gordano Mail Server which may allow an attacker to send email messages which bypass 'rwords' filtering. It is possible to bypass filters by constructing an email containing a target user's email address in both the TO: and FROM: fields. Additionally, by using the 'everyone' user defined by GMS, it may be possible for an attacker to send unsolicited mail, which bypasses filtering, to all users located in a target domain. This issue may be exploited to create an anonymous platform for virus distribution or sending unsolicited email to users of the vulnerable server.