SurgeMail 'APPEND' Command Buffer Overflow Vulnerability Network Vulnerability

Summary

This host is running SurgeMail and is prone to Buffer Overflow vulnerability.

Impact

Successful exploitation could allow remote authenticated users to cause a Denial of Service and possibly execute arbitrary code in the victim's system. Impact Level: Application

Solution

Upgrade to SurgeMail version 3.9g2 or later http://netwinsite.com/download.htm

Insight

Buffer overflow in the IMAP service is caused due the way it handles the APPEND command which can be exploited via a long first argument.

Affected

SurgeMail version prior to 3.9g2

References

http://secunia.com/advisories/30739/
http://www.netwinsite.com/surgemail/help/updates.htm
http://www.securityfocus.com/archive/1/496482

Updated on 2017-03-28

Severity

Classification

CVE CVE-2008-7182

CVSS	Base Score: 4.0 AV:N/AC:L/Au:S/C:N/I:N/A:P

Related Vulnerabilities

Adobe Acrobat PDF File Denial Of Service Vulnerability
avast! AntiVirus Multiple BOF Vulnerabilities (Linux)
eZ/eZphotoshare Denial of Service
Adobe Reader 'AcroPDF.DLL' Denial of Service Vulnerability (Windows)
Adobe Flash Media Server XML Data Remote Denial of Service Vulnerability

Take action and discover your vulnerabilities