Stack overflow

2008-02-2719:44:00

PRIOn knowledge base

www.prio-n.com

8.9 High

AI Score

Confidence

High

0.905 High

EPSS

Percentile

98.8%

JSON

Stack-based buffer overflow in the _lib_spawn_user_getpid function in (1) swatch.exe and (2) surgemail.exe in NetWin SurgeMail 38k4 and earlier, and beta 39a, allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via an HTTP request with multiple long headers to webmail.exe and unspecified other CGI executables, which triggers an overflow when assigning values to environment variables. NOTE: some of these details are obtained from third party information.

CPENameOperatorVersion
surgemaileq3.0.0-c2
surgemaileq2.2.0-a6
surgemaileq1.8.101
surgemaileq2.0.0-g2
surgemaileq3.8.0-i3
surgemaileq2.0.101
surgemaileq2.1.97
surgemaileq2.0.99
surgemaileq2.2.0-g2
surgemaileq38.0.107

Name	Operator	Version
surgemail	eq	3.0.0-c2
surgemail	eq	2.2.0-a6
surgemail	eq	1.8.101
surgemail	eq	2.0.0-g2
surgemail	eq	3.8.0-i3
surgemail	eq	2.0.101
surgemail	eq	2.1.97
surgemail	eq	2.0.99
surgemail	eq	2.2.0-g2
surgemail	eq	38.0.107

Rows per page:

1-10 of 271

References

aluigi.altervista.org/adv/surgemailz-adv.txt

secunia.com/advisories/29105

securityreason.com/securityalert/3705

www.securityfocus.com/archive/1/488741/100/0/threaded

www.securityfocus.com/bid/27992

www.securitytracker.com/id?1019500

www.vupen.com/english/advisories/2008/0678

exchange.xforce.ibmcloud.com/vulnerabilities/40834