Here what i've seen looking in the release notes of the 6.1.1 : CSCdu47003 Yes Able to pass disallowed SMTP command thru PIX, by sending after mail So it looks like if you send commands AFTER the dot, they are not secured. Hum seems that cisco did not remove the last vulnerability but only moved it further. But I was not able to confirm this (with a 5.3.1). _______________________________________________________________ ENERGIS Jerome Tytgat Network and Security Administrator mailto:j.tytgatat_private http://www.energis.fr tel : (33) 03 88 78 77 77 2, rue paul Rohmer fax : (33) 03 88 78 80 00 F-67087 Strasbourg Cedex 2 _______________________________________________________________
This archive was generated by hypermail 2b30 : Thu Sep 27 2001 - 08:20:33 PDT