E-Post Multiple Product SMTP Multiple AUTH Command Remote Overflow

2006-01-25T04:48:14
ID OSVDB:22761
Type osvdb
Reporter Tan Chew Keong (vuln@secunia.com)
Modified 2006-01-25T04:48:14

Description

Vulnerability Description

A remote overflow exists in E-Post. The SMTP service fails to check the length of the username supplied to the AUTH PLAIN and AUTH LOGIN commands, resulting in a stack-based overflow. With a specially crafted request, an attacker can cause arbitrary code execution resulting in a loss of integrity.
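The missing check described above, shown as it would look when present. This is an added example, not E-Post's code: the function names, the 64-byte username limit and the 512-byte message buffer are assumptions chosen for illustration.

```c
#include <stddef.h>
#include <string.h>

#define USER_MAX 64  /* assumed limit; the advisory does not give E-Post's buffer size */

/* Decode base64 into out[cap]. Returns the length, or -1 if invalid or too long. */
static long b64_decode_bounded(const char *in, unsigned char *out, size_t cap)
{
    static const char tbl[] =
        "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
    unsigned int acc = 0, bits = 0;
    size_t n = 0;
    for (; *in && *in != '='; in++) {
        const char *p = strchr(tbl, *in);
        if (p == NULL) return -1;              /* not a base64 character */
        acc = (acc << 6) | (unsigned int)(p - tbl);
        bits += 6;
        if (bits < 8) continue;
        bits -= 8;
        if (n >= cap) return -1;               /* refuse instead of writing past out[] */
        out[n++] = (unsigned char)(acc >> bits);
        acc &= (1u << bits) - 1;
    }
    return (long)n;
}

/* AUTH LOGIN: the reply line is the base64 of the username alone. */
int auth_login_user(const char *b64, char *user, size_t cap)
{
    long n = cap ? b64_decode_bounded(b64, (unsigned char *)user, cap - 1) : -1;
    if (n < 0 || memchr(user, '\0', (size_t)n) != NULL) return -1;
    user[n] = '\0';
    return 0;
}

/* AUTH PLAIN: decoded message is authzid NUL authcid NUL passwd (RFC 4616). */
int auth_plain_user(const char *b64, char *user, size_t cap)
{
    unsigned char msg[512], *id, *end;
    long n = b64_decode_bounded(b64, msg, sizeof msg);
    if (n < 0 || (id = memchr(msg, '\0', (size_t)n)) == NULL) return -1;
    id++;                                      /* skip authzid and its NUL */
    end = memchr(id, '\0', (size_t)n - (size_t)(id - msg));
    if (end == NULL || end == id) return -1;
    if ((size_t)(end - id) >= cap) return -1;  /* length check before the copy */
    memcpy(user, id, (size_t)(end - id));
    user[end - id] = '\0';
    return 0;
}
```

Both entry points reject an oversized username before any byte is written beyond the destination, so the server can answer with an SMTP error instead of processing the command.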

Solution Description

Currently, there are no known workarounds or upgrades to correct this issue. However, E-POST Inc. has released a patch to address this vulnerability.

References:

Vendor URL: http://www.e-postinc.jp/
Secunia Advisory ID: 18480
Related OSVDB ID: 22762
Related OSVDB ID: 22763
Related OSVDB ID: 22764
Related OSVDB ID: 22765
Related OSVDB ID: 22766
Other Advisory URL: http://secunia.com/secunia_research/2006-1/advisory/
ISS X-Force ID: 24331
CVE-2006-0447
Bugtraq ID: 16379