ID CVE-2002-1781
Summary Multiple buffer overflows in DeleGate 7.7.0 through 7.8.1 allow remote attackers to execute arbitrary code, as demonstrated using a long USER command to the POP proxy.
References
Vulnerable Configurations
  • cpe:2.3:a:delegate:delegate:7.7.0
    cpe:2.3:a:delegate:delegate:7.7.0
  • cpe:2.3:a:delegate:delegate:7.7.1
    cpe:2.3:a:delegate:delegate:7.7.1
  • cpe:2.3:a:delegate:delegate:7.8.0
    cpe:2.3:a:delegate:delegate:7.8.0
  • cpe:2.3:a:delegate:delegate:7.8.1
    cpe:2.3:a:delegate:delegate:7.8.1
CVSS
Base: 7.5 (as of 08-07-2005 - 08:57)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
nessus via4
NASL family Gain a shell remotely
NASL id POP3_OVERFLOW.NASL
description The remote POP3 server might be vulnerable to a buffer overflow bug when it is issued at least one of these commands, with a too long argument : AUTH USER PASS If confirmed, this problem might allow an attacker to execute arbitrary code on the remote system.
last seen 2019-02-21
modified 2018-11-15
plugin id 10184
published 1999-06-22
reporter Tenable
source https://www.tenable.com/plugins/index.php?view=single&id=10184
title Multiple Vendor POP3 Remote Overflows
refmap via4
bid 4055
bugtraq
  • 20020207 [Global InterSec 2002012101] DeleGate Application Proxy - Multiple Vulnerabilities
  • 20020212 Re: [Global InterSec 2002012101] DeleGate Application Proxy - Multiple Vulnerabilities
misc http://www.globalintersec.com/adv/delegate-2002012101.txt
xf delegate-proxy-pop-bo(8114)
Last major update 05-09-2008 - 16:31
Published 31-12-2002 - 00:00
Last modified 10-07-2017 - 21:29
Back to Top