Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-4444

Overview

Vulnerability Score 5.1 5.1
CVE Id CVE-2005-4444
Last Modified 02 Aug 2011 12:00:00
Published 20 Dec 2005 09:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity HIGH
Authentication NONE

CVE-2005-4444

Summary

Stack-based buffer overflow in the trace message functionality in Pegasus Mail 4.21a through 4.21c and 4.30PB1 allow remote attackers to execute arbitrary code via a long POP3 reply.

Vulnerable Systems

Application

  • David Harris Pegasus Mail 4.21a

  • David Harris Pegasus Mail 4.21b

  • David Harris Pegasus Mail 4.21c

  • David Harris Pegasus Mail 4.30pb1


References

CONFIRM - http://www.pmail.com/newsflash.htm#secunia

SECUNIA - 17992

VUPEN - ADV-2005-3004

BID - 15973

BUGTRAQ - 20051220 Secunia Research: Pegasus Mail Buffer Overflow and Off-by-OneVulnerabilities

OSVDB - 21842

SECTRACK - 1015385

MISC - http://secunia.com/secunia_research/2005-61/advisory/


Last Updated: 27 May 2016 10:41:18