| Short Name | SMTP:EXPLOIT:EMAIL-ADDR-FS |
|---|---|
| Severity | Medium |
| Recommended | No |
| Recommended Action | Drop |
| Category | SMTP |
| Keywords | QwikMail Email Address Format String |
| Release Date | 2005/01/05 |
| Update Number | 1213 |
| Supported Platforms | idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+ |

This signature detects attempts to exploit a format string vulnerability in QwikMail. Because QwikMail does not properly sanitize user-supplied input before passing it as the format string to a formatted printing function, remote attackers can supply crafted input and execute arbitrary code on the server.

It is reported that QwikMail is susceptible to a remote format string vulnerability. This issue is due to a failure of the application to properly sanitize user-supplied input before using it as the format specifier in a formatted printing function. This vulnerability reportedly allows remote attackers to execute arbitrary code in the context of the affected daemon process. Version 0.3 was reported susceptible to this vulnerability. Other versions may also be affected.
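
The check below is an added example, not Juniper's signature logic and not QwikMail code: it flags SMTP envelope commands whose address argument contains a printf-style conversion, and shows the hardened way to print such an address. The function names are hypothetical, and it assumes the address arrives in `MAIL FROM:` or `RCPT TO:`, which the page does not state.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* 1 if s holds a printf-style conversion; a literal "%%" is ignored. */
static int has_format_spec(const char *s)
{
    while ((s = strchr(s, '%')) != NULL) {
        s++;                                   /* step past '%' */
        if (*s == '%') { s++; continue; }      /* escaped percent */
        s += strspn(s, "0123456789$#-+ .*'");  /* position, flags, width, precision */
        s += strspn(s, "hlLqjzt");             /* length modifiers */
        if (*s != '\0' && strchr("diouxXeEfgGaAcspn", *s))
            return 1;
    }
    return 0;
}

static int has_prefix_ci(const char *s, const char *prefix) /* SMTP verbs ignore case */
{
    for (; *prefix; s++, prefix++)
        if (tolower((unsigned char)*s) != tolower((unsigned char)*prefix))
            return 0;
    return 1;
}

/* 1 if line is MAIL FROM / RCPT TO with a conversion in its argument (assumed scope). */
int smtp_addr_has_format_spec(const char *line)
{
    static const char *const cmds[] = { "MAIL FROM:", "RCPT TO:" };
    for (size_t i = 0; i < sizeof cmds / sizeof cmds[0]; i++)
        if (has_prefix_ci(line, cmds[i]))
            return has_format_spec(line + strlen(cmds[i]));
    return 0;
}

/* Hardened: addr is data for a constant format, never snprintf(out, outlen, addr). */
int log_address(char *out, size_t outlen, const char *addr)
{
    return snprintf(out, outlen, "recipient=%s", addr);
}

int main(void)
{
    /* Constructed sample envelope lines, not captured traffic. */
    const char *lines[] = { "RCPT TO:<alice@example.test>", "RCPT TO:<user%n@example.test>" };
    for (size_t i = 0; i < 2; i++)
        printf("%d  %s\n", smtp_addr_has_format_spec(lines[i]), lines[i]);
    return 0;
}
```

Legacy percent-hack routing addresses such as `user%example.test@relay` also match, so a hit is a reason to inspect the session rather than proof of an exploit attempt.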