Design/Logic Flaw

2008-04-0717:44:00

PRIOn knowledge base

www.prio-n.com

7.1 High

AI Score

Confidence

High

0.023 Low

EPSS

Percentile

89.7%

JSON

Stack consumption vulnerability in WebContainer.exe 1.0.0.336 and earlier in SLMail Pro 6.3.1.0 and earlier allows remote attackers to cause a denial of service (daemon crash) via a long request header in an HTTP request to TCP port 801. NOTE: some of these details are obtained from third party information.

CPENameOperatorVersion
slmail_proeq6.1
slmail_proeq6.2.1
slmail_prole6.3.1.0
slmail_proeq6.3
slmail_proeq5.5
slmail_proeq6.2

Name	Operator	Version
slmail_pro	eq	6.1
slmail_pro	eq	6.2.1
slmail_pro	le	6.3.1.0
slmail_pro	eq	6.3
slmail_pro	eq	5.5
slmail_pro	eq	6.2

References

aluigi.altervista.org/adv/slmaildos-adv.txt

aluigi.org/poc/slmaildos.zip

secunia.com/advisories/29614

www.securityfocus.com/bid/28505

www.vupen.com/english/advisories/2008/1039/references

exchange.xforce.ibmcloud.com/vulnerabilities/41532