InoculateIT 4.52 is a popular antivirus agent for Microsoft Exchange Servers. A vulnerability exists in the InoculateIT Agent for MS Exchange that can allow a local attacker to pass a virus through both the agent and MS Exchange Server. There are reportedly numerous methods by which this can be accomplished, one of which is to remove the "From:" field in a infected message (MIME attachment included) and submit the message to the Exchange server. The Inoculate Agent will not detect the infected file when it is submitted in this manner. If different organizations are using MS Exchange Server and InoculateIT Agents (with MS IMC being used to send the messages) the following vulnerabilities can exist: If a message is sent with only an infected file in the body of the message and no text, the Inoculate IT Agents will not detect the virus. If a message contains embedded characters and an infected attachment, InoculateIT will not open the attachment for scanning. InoculateIT only scans...
InoculateIT 4.52 is a popular antivirus agent for Microsoft Exchange Servers. A vulnerability exists in the InoculateIT Agent for MS Exchange that can allow a local attacker to pass a virus through both the agent and MS Exchange Server. There are reportedly numerous methods by which this can be accomplished, one of which is to remove the "From:" field in a infected message (MIME attachment included) and submit the message to the Exchange server. The Inoculate Agent will not detect the infected file when it is submitted in this manner. If different organizations are using MS Exchange Server and InoculateIT Agents (with MS IMC being used to send the messages) the following vulnerabilities can exist: If a message is sent with only an infected file in the body of the message and no text, the Inoculate IT Agents will not detect the virus. If a message contains embedded characters and an infected attachment, InoculateIT will not open the attachment for scanning. InoculateIT only scans for messages destined for an Inbox folder. If a ruleset exists on the server whereby messages are directed to another mailbox, an infected file can bypass virus scanning.
