3 matches found
Citadel SMTP server RCPT TO buffer overflow
Added: 05/12/2008 CVE: CVE-2008-0394 BID: 27376 OSVDB: 40516 Background Citadel is an open-source e-mail and collaboration server. Problem A buffer overflow vulnerability in the makeuserkey function allows remote attackers to execute arbitrary commands by sending a long, specially crafted RCPT TO...
Buffer overflow
Buffer overflow in Citadel SMTP server 7.10 and earlier allows remote attackers to execute arbitrary code via a long RCPT TO command, which is not properly handled by the makeuserkey function. NOTE: some of these details were obtained from third party information...
CVE-2008-0394
CVE-2008-0394 : A buffer overflow in Citadel SMTP Server (versions 7.10 and earlier) is triggered by a long RCPT TO command due to insufficient bounds checking in the makeuserkey function. Remote attackers could potentially execute arbitrary code. Multiple advisories confirm the vulnerability and...