Executive Summary
Summary | |
---|---|
Title | 602pro Lan Suite 2003 buffer overflow vulnerability |
Informations | |||
---|---|---|---|
Name | VU#445313 | First vendor Publication | 2007-06-27 |
Vendor | VU-CERT | Last vendor Modification | 2007-06-27 |
Severity (Vendor) | N/A | Revision | M |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:P/I:P/A:P) | |||
---|---|---|---|
Cvss Base Score | 7.5 | Attack Range | Network |
Cvss Impact Score | 6.4 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Vulnerability Note VU#445313602pro Lan Suite 2003 buffer overflow vulnerabilityOverview602pro Lan Suite 2003 contains a buffer overflow vulnerability that may allow an attacker to execute code.I. Description602pro Lan Suite 2003 is a mail, firewall and proxy server that runs on the Microsoft Windows operating system.The 602pro Lan Suite 2003 SMTP server contains a buffer overflow vulnerability. To exploit this vulnerability, an attacker would need to send a specially crafted email through the SMTP component of a vulnerable server. The vendor has stated that this issue is addressed in 602 LAN Suite 2004.
References
Thanks to David Barker of Electrosonics for reporting this vulnerability. This document was written by Ryan Giobbi.
|
Original Source
Url : http://www.kb.cert.org/vuls/id/445313 |
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 1 |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
37232 | 602Pro LAN SUITE 2003 smtpdll.dll Email Message Address Handling Overflow |