eXchange POP3 Server long SMTP command buffer overflow
exchange-pop3-smtp-bo (15922)
Description:
eXchange POP3 Server is vulnerable to a buffer overflow in its SMTP service. A remote attacker could send a specially crafted, overly long 'MAIL FROM' SMTP command to overflow a buffer and execute arbitrary code on the system or cause the SMTP service to crash.
Platforms Affected:
- Kinesphere Corporation, eXchange POP3 Server
Remedy:
Upgrade to the latest version of eXchange POP3 (5.0.1629 or later), available from the eXchange POP3 Web site. See References.
Consequences:
Gain Access
References:
- BugTraq Mailing List, Mon Apr 19 2004 - 18:11:58 CDT, Exchange pop3 remote exploit at http://archives.neohapsis.com/archives/bugtraq/2004-04/0240.html.
- eXchange POP3 Web site, eXchange POP3: Download (V5.0) at http://www.exchangepop3.com/download.html.
- BID-10180: Kinesphere Corporation Exchange POP3 Remote Buffer Overflow Vulnerability
- CVE-2004-1945: Buffer overflow in Kinesphere eXchange POP3 allows remote attackers to execute arbitrary code via a long MAIL FROM field.
- OSVDB ID: 5593: Kinesphere eXchange POP3 Buffer Overflow
- SA11449: Kinesphere eXchange POP3 Buffer Overflow Vulnerability
- SECTRACK ID: 1009882: eXchange POP3 Server SMTP Buffer Overflow Lets Remote Users Execute Arbitrary Code
Reported:
Apr 19, 2004
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
