VUPEN Security / Public Mailing Lists Mirror
Assigned : VUPEN/ADV-2005-3010
From : Security Advisories <Security-Advisories at acs-inc.com>
Subject : [ACSSEC-2005-11-25-0x6] FTGate 4.4 [Build 4.4.000 Oct 26 2005] Format String Overflow
Date : 2005-12-20
Original Message
-=[+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++]=-
ACS Security Assessment Advisory - Format String Overflow
ID: ACSSEC-2005-11-25 - 0x6
Class: Format String Overflow
Package: FTGate 4.4 [Build 4.4.000 Oct 26 2005] IMAPd Service
Build: Windows NT/2k/XP/2k3
Notified: Dec 01, 2005
Released: Dec 20, 2005
Remote: Yes
Severity: Low
Credit: Tim Shelton <security-advisories_at_acs-inc.com>
-=[+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++]=-
-=[ Background
FTGate4 is a powerful Windows(TM) communication suite that combines exceptional mail handling facilities with comprehensive Groupware functionality. Its security and collaboration features were developed in conjunction with leading ISPs and define a new era in mail server performance.
-=[ Technical Description
FTGate 4.4 [Build 4.4.000 Oct 26 2005] is vulnerable to multiple format string overflows via specially crafted IMAP requests. A remote attacker could issue the vulnerable command followed by malicious code to execute arbitrary code.
-=[ Proof of Concepts
* IMAP 01 LIST (%25n times 1024)
* IMAP 02 AUTHENTICATE (%25n times 1024)
-=[ Solution
No remedy available as of December 2005.
-=[ Credits
Vulnerability originally reported by Tim Shelton
-=[ ChangeLog
2005-11-25 : Original Advisory
2005-12-01 : Notified Vendor
2005-12-20 : No response from vendor, disclosing full information.
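
A detection-side sketch of the request pattern in the proof of concept above, added here as an example and not part of the original advisory or of FTGate: it flags IMAP LIST and AUTHENTICATE lines whose arguments carry many printf-style conversion specifiers, counting both the raw text and one percent-decoded pass (%25n decodes to %n). The threshold, function names and sample session lines are constructed assumptions.

```python
import re
from urllib.parse import unquote

# printf-style conversion specifier: %n, %s, %08x, %1$n, %25n (width 25), ...
FORMAT_SPEC = re.compile(
    r"%(?:\d+\$)?[-+ #0]*\d*(?:\.\d+)?(?:hh|h|ll|l|j|z|t|L)?[diouxXeEfgGcspn]"
)
# IMAP client line: tag, command, optional arguments.
IMAP_LINE = re.compile(r"^(\S+)\s+([A-Za-z]+)(?:\s+(.*))?$")

WATCHED = {"LIST", "AUTHENTICATE"}  # the two commands named in the advisory
THRESHOLD = 4  # assumption: legitimate arguments stay below this many specifiers


def count_specifiers(arg: str) -> int:
    """Count specifiers in the raw argument and after one percent-decode pass."""
    raw = len(FORMAT_SPEC.findall(arg))
    decoded = len(FORMAT_SPEC.findall(unquote(arg)))
    return max(raw, decoded)


def scan(lines):
    """Return (tag, command, count) for watched commands at or above THRESHOLD."""
    hits = []
    for line in lines:
        m = IMAP_LINE.match(line.rstrip("\r\n"))
        if not m:
            continue
        tag, cmd, args = m.group(1), m.group(2).upper(), m.group(3) or ""
        if cmd not in WATCHED:
            continue
        n = count_specifiers(args)
        if n >= THRESHOLD:
            hits.append((tag, cmd, n))
    return hits


# Constructed sample session: ordinary traffic plus the two advisory patterns.
SAMPLE = [
    "a1 LOGIN alice secret",
    'a2 LIST "" "%"',          # "%" is a normal IMAP mailbox wildcard
    'a3 LIST "" "INBOX/%"',
    "01 LIST " + "%25n" * 1024,
    "02 AUTHENTICATE " + "%25n" * 1024,
    "a4 authenticate PLAIN",
]

if __name__ == "__main__":
    for tag, cmd, n in scan(SAMPLE):
        print(f"ALERT tag={tag} cmd={cmd} format_specifiers={n}")
```

The bare `%` wildcard used by ordinary LIST requests is not followed by a conversion character, so it does not count toward the threshold.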
Disclaimer : VUPEN Security does not endorse the content of this
message submitted by others to public mailing lists. Messages submitted to public
mailing lists do not necessarily reflect the opinions or policies of VUPEN Security.
VUPEN Security makes no warranties, express or implied, as to the content of the message
in this page or the accuracy and reliability of any messages and other materials
submitted to public mailing lists. Any questions or comments regarding this page
should be sent to team@vupen.com