3 matches found
Citadel SMTP RCPT Remote Buffer Overflow - High Confidence (CVE-2008-0394)
The Citadel Server is a mail server product geared towards small and medium size organizations. The product implements POP3, IMAP4, and SMTP services. The SMTP server module is installed and started in a default installation. There exists a buffer overflow vulnerability in Citadel SMTP Server. Th...
Citadel SMTP server RCPT TO buffer overflow
Added: 05/12/2008 CVE: CVE-2008-0394 BID: 27376 OSVDB: 40516 Background Citadel is an open-source e-mail and collaboration server. Problem A buffer overflow vulnerability in the makeuserkey function allows remote attackers to execute arbitrary commands by sending a long, specially crafted RCPT TO...
CVE-2008-0394
CVE-2008-0394 : A buffer overflow in Citadel SMTP Server (versions 7.10 and earlier) is triggered by a long RCPT TO command due to insufficient bounds checking in the makeuserkey function. Remote attackers could potentially execute arbitrary code. Multiple advisories confirm the vulnerability and...