Floosietek.FTGate.tzoffset.Buffer.Overflow

description-logoDescription

This indicates an attempt to exploit a buffer overflow vulnerability in Floosietek FTGate.
The vulnerability can be exploited by sending a specially crafted HTTP POST request with an overly large " tzoffset" parameter. As a result a remote attacker could cause the server to crash or execute arbitrary code with the privileges of the server.

affected-products-logoAffected Products

FTGate 4 Groupware Mail version 4.4 (4.4.000) and prior.

Impact logoImpact

System compromise: renote code execution.
Denial of service.

recomended-action-logoRecommended Actions

Upgrade to FTGate 4 Groupware Mail version 4.4.005 :
http://www.ftgate.com/content/206.htm

Telemetry logoTelemetry

Coverage

IPS (Regular DB)
IPS (Extended DB)