Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0356

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2004-0356
Last Modified 05 Sep 2008 04:38:13
Published 23 Nov 2004 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2004-0356

Summary

Stack-based buffer overflow in Supervisor Report Center in SL Mail Pro 2.0.9 and earlier allows remote attackers to execute arbitrary code via an HTTP request with a long HTTP sub-version.

Vulnerable Systems

Application

  • Seattle Lab Software Slmail Pro 2.0

  • Seattle Lab Software Slmail Pro 2.0.1

  • Seattle Lab Software Slmail Pro 2.0.2

  • Seattle Lab Software Slmail Pro 2.0.3

  • Seattle Lab Software Slmail Pro 2.0.4

  • Seattle Lab Software Slmail Pro 2.0.5

  • Seattle Lab Software Slmail Pro 2.0.6

  • Seattle Lab Software Slmail Pro 2.0.7

  • Seattle Lab Software Slmail Pro 2.0.8

  • Seattle Lab Software Slmail Pro 2.0.9


References

XF - slmail-src-stack-bo(15398)

BID - 9809

MISC - http://www.nextgenss.com/advisories/slmailsrc.txt

BUGTRAQ - 20040305 SLMail Pro Supervisor Report Center Buffer Overflow (#NISR05022004a)

CONFIRM - http://216.26.170.92/Download/webfiles/Patches/SLMPPatch-2.0.14.pdf


Last Updated: 27 May 2016 10:38:34