CVE-2005-0892 - Buffer overflow in smail 3.2.0.120 allows remote attackers or local users to execute arbitrary code

CVE-2005-0892

Summary

Buffer overflow in smail 3.2.0.120 allows remote attackers or local users to execute arbitrary code via a long string in the MAIL FROM command and possibly other SMTP commands.

References

http://marc.info/?l=bugtraq&m=111177045217717&w=2
http://www.debian.org/security/2005/dsa-722

Vulnerable Configurations

cpe:2.3:a:smail:smail:3.2.0.120:*:*:*:*:*:*:*
cpe:2.3:a:smail:smail:3.2.0.120:*:*:*:*:*:*:*

CVSS

Base:	10.0 (as of 18-10-2016 - 03:15)
Impact:
Exploitability:

CWE

NVD-CWE-Other

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:N/AC:L/Au:N/C:C/I:C/A:C

refmap via4

bugtraq	20050325 smail remote and local root holes
debian	DSA-722

Last major update

18-10-2016 - 03:15

Published

28-03-2005 - 05:00

Last modified

18-10-2016 - 03:15