CVE-2007-4242

Name of the Vulnerable Software and Affected Versions Astaro Security Gateway (ASG) version 7

Description The issue concerns the pop3 Proxy in Astaro Security Gateway, which fails to perform virus scanning on attachments that exceed the maximum allowed size. As a result, these attachments are passed through without scanning, allowing remote attackers to bypass the virus scanning by sending a large attachment.

Recommendations For Astaro Security Gateway (ASG) version 7, consider configuring the system to handle large attachments differently, such as by blocking or quarantining them, until a proper fix is available. As a temporary workaround, restrict the maximum attachment size to prevent bypassing of the virus scanning.