Short Name |
SMTP:COMMAND:STARTTLS-CMD |
---|---|
Severity |
Major |
Recommended |
No |
Category |
SMTP |
Keywords |
Multiple Products STARTTLS Plaintext Command Injection |
Release Date |
2011/06/22 |
Update Number |
1943 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability against several mail transfer agents (MTA's). A successful attack can lead to arbitrary command injection.
Multiple vendors' implementations of STARTTLS are prone to a vulnerability that lets attackers inject arbitrary commands. An attacker can exploit this issue to execute arbitrary commands in the context of the user running the application. Successful exploits can allow attackers to obtain email usernames and passwords. The following vendors are affected: Ipswitch Kerio Postfix Qmail-TLS Oracle (note that the affected application is unknown) SCO Group spamdyke ISC