Signature Detail

MDaemon LIST Message Handler Buffer Overflow

This signature detects attempts to exploit a known vulnerability against the Mdaemon mail server suite. Attackers can send an overly long "list" field in a malicious request, triggering a buffer overflow and enabling the attacker to execute arbitrary commands on the target host.

Extended Description

Remote attackers can exploit this vulnerability to create a denial of service condition, or possibly execute arbitrary code with system privileges.

References

• CVE: CVE-2004-1546
• URL: http://seclists.org/lists/fulldisclosure/2004/Sep/0828.html
• URL: http://securitytracker.com/id?1011386