QK SMTP Server 'RCPT TO' Buffer Overflow Vulnerability Network Vulnerability

Summary

The remote SMTP server is prone to a stack based overflow. Description : QK SMTP Server is installed on the remote host. The application does not properly check it's boundaries for user supplied input in the 'RCPT TO' field. This results in a stack based overflow, where it's possible to crash the service or compromise the host.

Solution

Upgrade to QK SMTP Server 3.1 beta or a newer release.

References

http://www.securiteam.com/exploits/6P00O15H6U.html

Updated on 2015-03-25

Severity

Classification

CVE CVE-2006-5551
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

snmpXdmid overflow
SysV /bin/login buffer overflow (telnet)
Header overflow against HTTP proxy
NETObserve Authentication Bypass vulnerability
Too long OPTIONS parameter

QK SMTP Server 'RCPT TO' buffer overflow vulnerability

Take action and discover your vulnerabilities