📄 1844.txt
字号:
Rule:--Sid:1844--Summary:This event is generated when a remote attacker sends an overly longargument in the AUTHENTICATE command to an internal IMAP server,indicating an attempt to exploit a buffer overflow vulnerability inNetscape Messaging Server and University of Washington IMAPimplementations. This may also affect other IMAP server implementations.--Impact:Remote execution of arbitrary code with the security privileges of theIMAP process, possibly leading to remote root compromise.--Detailed Information:A buffer overflow vulnerability exists in the AUTHENTICATE command inUniversity of Washington IMAP and Netscape Messaging Server. This canallow a remote attacker to send an AUTHENTICATE command with amalformed, overlong argument to a vulnerable IMAP server, causing abuffer overflow condition. The attacker can then execute arbitrary codeon the server with the security privileges of the IMAP server process. --Affected Systems: Netscape Messaging Server 3.55 and earlier University of Washington imapd 10.234 and earlier.--Attack Scenarios:An attacker sends an overly long, malformed argument to an AUTHENTICATEcommand to a vulnerable IMAP server, causing a buffer overflowcondition. The attacker is then able to execute arbitrary code on theserver with the security privileges of the IMAP server process.--Ease of Attack:Simple. Exploits exist.--False Positives:None known.--False Negatives:None known.--Corrective Action:Patches have been released for both UW IMAP and Netscape MessagingServer. Apply the patch or upgrade to a Netscape Messaging Serverversion higher than 3.55 or UW IMAP version higher than 10.234.--Contributors:Sourcefire Vulnerability Research TeamBrian Caswell <bmc@sourcefire.com>Sourcefire Technical Publications TeamJennifer Harvey <jennifer.harvey@sourcefire.com>--Additional References:Bugtraqhttp://www.securityfocus.com/bid/130CVEhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-0005--⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -