Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-1478

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-1478
Last Modified 05 Sep 2008 04:49:16
Published 11 May 2005 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-1478

Summary

Format string vulnerability in dSMTP (dsmtp.exe) in DMail 3.1a allows remote attackers to execute arbitrary code via format string specifiers in the xtellmail command.

Vulnerable Systems

Application

  • Netwin Dmail 3.1a

  • Netwin Dmail 3.1b


References

XF - dmail-dsmtpexe-format-string(20414)

BID - 13505

MISC - http://www.security.org.sg/vuln/dmail31a.html

SECTRACK - 1013885

SECUNIA - 15242

BUGTRAQ - 20050505 dSMTP - SMTP Mail Server 3.1b Linux Remote Root Format String Exploit


Last Updated: 27 May 2016 10:40:10