1. CVE-Search
  2. CVE-2007-4335
ID CVE-2007-4335
Summary Format string vulnerability in the SMTP server component in Qbik WinGate 5.x and 6.x before 6.2.2 allows remote attackers to cause a denial of service (service crash) via format string specifiers in certain unexpected commands, which trigger a crash during error logging.
References
Vulnerable Configurations
  • cpe:2.3:a:qbik:wingate:5.0:*:*:*:*:*:*:*
    cpe:2.3:a:qbik:wingate:5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:qbik:wingate:6.0:*:*:*:*:*:*:*
    cpe:2.3:a:qbik:wingate:6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:qbik:wingate:*:*:*:*:*:*:*:*
    cpe:2.3:a:qbik:wingate:*:*:*:*:*:*:*:*
CVSS
Base: 5.0 (as of 15-10-2018 - 21:34)
Impact:
Exploitability:
CWE NVD-CWE-Other
CAPEC
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:N/I:N/A:P
refmap via4
bid
  • 25272
  • 25303
bugtraq 20070810 [HS-A007] Qbik WinGate Remote Denial of Service
confirm http://www.wingate.com/news.php?id=50
misc http://www.harmonysecurity.com/HS-A007.html
secunia 26412
sreason 3001
vupen ADV-2007-2859
xf qbik-smtp-dos(35950)
Last major update 15-10-2018 - 21:34
Published 14-08-2007 - 18:17
Last modified 15-10-2018 - 21:34
Back to Top