Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-3182

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-3182
Last Modified 10 Sep 2008 03:45:46
Published 20 Oct 2005 06:02:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-3182

Summary

Buffer overflow in the HTTP management interface for GFI MailSecurity 8.1 allows remote attackers to execute arbitrary code via long headers such as (1) Host and (2) Accept in HTTP requests. NOTE: the vendor suggests that this issues is "in an underlying Microsoft technology" which, if true, could mean that the overflow affects other products as well.

Vulnerable Systems

Application

  • Gfi Mailsecurity 8.1


References

BID - 15081

SECUNIA - 17136

BUGTRAQ - 20051012 [SEC-1 Advisory] GFI MailSecurity 8.1 Web Module Buffer Overflow

CONFIRM - http://kbase.gfi.com/showarticle.asp?id=KBID002451

OSVDB - 19926

SECTRACK - 1015046

SREASON - 74


Last Updated: 27 May 2016 10:40:50