Lucene search
HistoryJan 23, 2008 - 12:00 p.m.
CVE-2008-0394
cve-2008-0394
buffer overflow
citadel smtp server
security vulnerability
remote code execution
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.8 High
AI Score
Confidence
Low
0.24 Low
EPSS
Percentile
96.6%
Buffer overflow in Citadel SMTP server 7.10 and earlier allows remote attackers to execute arbitrary code via a long RCPT TO command, which is not properly handled by the makeuserkey function. NOTE: some of these details were obtained from third party information.
Affected configurations
Node
citadelsmtpRange≤7.10
| CPE | Name | Operator | Version |
|---|---|---|---|
| citadel:smtp | citadel smtp | le | 7.10 |
Related
nessus
nessus
Citadel SMTP makeuserkey Function RCPT TO Command Remote Overflow
2008-01-29 00:00:00
saint
saint
Citadel SMTP server RCPT TO buffer overflow
2008-05-12 00:00:00
Citadel SMTP server RCPT TO buffer overflow
2008-05-12 00:00:00
Citadel SMTP server RCPT TO buffer overflow
2008-05-12 00:00:00
checkpoint_advisories
checkpoint_advisories
Citadel SMTP RCPT Remote Buffer Overflow - High Confidence (CVE-2008-0394)
2013-05-28 00:00:00
prion
prion
Buffer overflow
2008-01-23 12:00:00
nvd
nvd
CVE-2008-0394
2008-01-23 12:00:00
cvelist
cvelist
CVE-2008-0394
2008-01-23 11:00:00
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
7.8 High
AI Score
Confidence
Low
0.24 Low
EPSS
Percentile
96.6%
Related for CVE-2008-0394