Family: Gain root remotely --> Category: infos
GFI MailSecurity Web Module Buffer Overflow Vulnerability Scan
Vulnerability Scan Summary: Checks for a buffer overflow vulnerability in GFI MailSecurity's Web Module
Detailed Explanation for this Vulnerability Test
Synopsis :
The remote host contains an application that is affected by a buffer
overflow vulnerability.
Description :
According to its version number, the instance of GFI MailSecurity on
the remote host suffers from a buffer overflow in its web-based
moderator interface. An unauthenticated attacker can reportedly
exploit this flaw by sending large strings in several areas of the
HTTP request to gain control of the remote host.
See also :
http://online.securityfocus.com/archive/1/413142/30/0/threaded
http://kbase.gfi.com/showarticle.asp?id=KBID002451
Solution :
Apply the patch referenced in the vendor advisory above.
Threat Level:
Critical / CVSS Base Score : 10
(AV:R/AC:L/Au:NR/C:C/A:C/I:C/B:N)