Signature Detail
Short Name |
POP3:OVERFLOW:AXIGEN-FS |
|---|---|
Severity |
High |
Recommended |
No |
Recommended Action |
Drop |
Category |
POP3 |
Keywords |
Axigen format string |
Release Date |
2011/11/09 |
Update Number |
2027 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |
POP3: Axigen Remote Format String
This signature detects attempts to exploit a known vulnerability against Axigen email server. A successful attack can lead to arbitrary code execution.
Extended Description
Axigen is prone to a remote format-string vulnerability because the application fails to properly sanitize user-supplied input before including it in the format-specifier argument of a formatted-printing function. Successfully exploiting this issue allows remote, unauthenticated attackers to execute arbitrary code with superuser privileges, since the daemon typically runs with elevated privileges. This facitates the complete compromise of affected computers. Axigen version 2.0.0-beta1 is vulnerable to this issue; other versions may also be affected.
Affected Products
- Gecad Technologies Axigen Mail Server 2.0.0-beta1
References
- BugTraq: 22603
- URL: http://www.exploit-db.com/exploits/3329/