Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2006-0559

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2006-0559
Last Modified 07 Mar 2011 09:30:17
Published 04 Apr 2006 10:04:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2006-0559

Summary

Format string vulnerability in the SMTP server for McAfee WebShield 4.5 MR2 and earlier allows remote attackers to execute arbitrary code via format strings in the domain name portion of a destination address, which are not properly handled when a bounce message is constructed.

Vulnerable Systems

Application

  • Mcafee Webshield Smtp 4.5


References

BID - 16742

SECUNIA - 19491

VUPEN - ADV-2006-1219

BUGTRAQ - 20060404 SYMSA-2006-002: McAfee WebShield SMTP Format String Vulnerability

XF - webshield-smtp-format-string(25621)

OSVDB - 24366

SECTRACK - 1015861

SREASON - 671


Last Updated: 27 May 2016 10:41:42