Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 POP3:OVERFLOW:PCCILLIN-POP-OF

Severity

 Critical

Recommended

 No

Recommended Action

 Drop

Category

 POP3

Keywords

 POP

Release Date

 2003/04/22

Update Number

 1213

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

POP3: PC-Cillin pop3trap.exe Buffer Overflow


This signature detects attempts to exploit a known vulnerability against the pop3trap.exe in PC-Cillin 5.02 running on Windows 98, ME, 2000, and XP. If PC-Cillin is scanning for incoming pop3 traffic, attackers can overflow the buffer to execute arbitrary code.

Extended Description

A buffer overflow vulnerability has been reported for PC-cillin's mail scanning utility. An attacker can exploit this vulnerability by connecting to a vulnerable pop3trap.exe service and sending an overly long string. This will result in the process crashing and allowing the attacker to gain control over the execution of the process.

Affected Products

  • Trend Micro OfficeScan Corporate Edition 5.0.0 2
  • Trend Micro PC-cillin 2000
  • Trend Micro PC-cillin 2002
  • Trend Micro PC-cillin 2003

References

  • BugTraq: 6350
  • CVE: CVE-2002-1349
  • URL: http://www.security.nnov.ru/search/document.asp?docid=3859
  • URL: http://www.kb.cert.org/vuls/id/157961

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out