Floosietek.FTGate.tzoffset.Buffer.Overflow
Description
This indicates an attempt to exploit a buffer overflow vulnerability in Floosietek FTGate.
The vulnerability can be exploited by sending a specially crafted HTTP POST request with an overly large " tzoffset" parameter. As a result a remote attacker could cause the server to crash or execute arbitrary code with the privileges of the server.
Affected Products
FTGate 4 Groupware Mail version 4.4 (4.4.000) and prior.
Impact
System compromise: renote code execution.
Denial of service.
Recommended Actions
Upgrade to FTGate 4 Groupware Mail version 4.4.005 :
http://www.ftgate.com/content/206.htm
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |