QmailAdmin QMAILADMIN_TEMPLATEDIR buffer overflow
| qmailadmin-templatedir-bo (9786) |  High Risk |
Description:
QmailAdmin is vulnerable to a buffer overflow. By passing an overly large QMAILADMIN_TEMPLATEDIR to the program, a local attacker could overflow a buffer and execute code on the system with root privileges.
Consequences:
Gain Privileges
Remedy:
Upgrade to version 1.0.6 released 6 August 2002 from the Inter7 Web site. See References.
References:
- BugTraq Mailing List, Wed Jul 24 2002 - 18:05:04 CDT : Re: qmailadmin SUID buffer overflow .
- Inter7 Web site: Change Log. (Vendor notes "1.0.6 08/06/02 Fixed local overflow in template code")
- Inter7 Web site: Inter7 : Bringing You Advanced Internet Technologies : QMAILADMIN.
- Vuln-Dev Mailing List, Mon Aug 05 2002 - 19:11:26 CDT : qmailadmin SUID buffer overflow . (From Neohapsis archive)
- BID-5404: qmailadmin Local Buffer Overflow Vulnerability
- CVE-2002-1414: Buffer overflow in qmailadmin allows local users to gain privileges via a long QMAILADMIN_TEMPLATEDIR environment variable.
- OSVDB ID: 14533: qmailadmin QMAILADMIN_TEMPLATEDIR Environment Variable Local Overflow
Platforms Affected:
- FreeBSD FreeBSD
- Inter7 QmailAdmin 1.0-1
Reported:
Aug 05, 2002
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email ignore thisxforceignore this@ignore thisus.ignore thisibm.comignore this