SurgeMail 'APPEND' Command Buffer Overflow Vulnerability Network Vulnerability

Summary

This host is running SurgeMail and is prone to Buffer Overflow vulnerability.

Impact

Successful exploitation could allow remote authenticated users to cause a Denial of Service and possibly execute arbitrary code in the victim's system. Impact Level: Application

Solution

Upgrade to SurgeMail version 3.9g2 or later http://netwinsite.com/download.htm

Insight

Buffer overflow in the IMAP service is caused due the way it handles the APPEND command which can be exploited via a long first argument.

Affected

SurgeMail version prior to 3.9g2

References

http://secunia.com/advisories/30739/
http://www.netwinsite.com/surgemail/help/updates.htm
http://www.securityfocus.com/archive/1/496482

Updated on 2017-03-28

Severity

Classification

CVE CVE-2008-7182
CVSS Base Score: 4.0
AV:N/AC:L/Au:S/C:N/I:N/A:P

Related Vulnerabilities

chm2pdf Insecure Temporary File Creation or DoS Vulnerability
Denial of Service vulnerability in AVG Anti-Virus (Linux)
Freefloat FTP Server 'ALLO' Command Remote Buffer Overflow Vulnerability
ClamAV Recursion Level Handling Denial of Service Vulnerability (Windows)
Apache Input Header Folding and mod_ssl ssl_io_filter_cleanup DoS Vulnerabilities

Take action and discover your vulnerabilities