Release DateJun 03, 2010 |
Severitymedium |
ImpactDenial of service |
DescriptionThis indicates an attack attempt against a buffer-overflow vulnerability in the IMAP service in NetWin Surgemail.The vulnerability is caused by an error when the vulnerable software handles a specially crafted overly long argument to the APPEND command. It allows a remote attacker to cause a denial of service (crash) and possibly execute arbitrary code. |
Affected ProductsNetWin SurgeMail 3.9e |
Recommended ActionsApply the patch from the vendor:http://www.netwinsite.com/surgemail/help/updates.htm |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2008-7182 |
Reference/shttp://www.securityfocus.com/bid/30000 (BugTraq) |
