Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:6A6171FA448F97488D1AAFBF56B73611
HistoryMay 12, 2008 - 12:00 a.m.

Citadel SMTP server RCPT TO buffer overflow

2008-05-1200:00:00
SAINT Corporation
download.saintcorporation.com
13

0.24 Low

EPSS

Percentile

96.6%

JSON

Added: 05/12/2008
CVE: CVE-2008-0394
BID: 27376
OSVDB: 40516

Background

Citadel is an open-source e-mail and collaboration server.

Problem

A buffer overflow vulnerability in the **makeuserkey** function allows remote attackers to execute arbitrary commands by sending a long, specially crafted **RCPT TO** command to the SMTP service.

Resolution

Upgrade to Citadel 7.24 or higher.

References

<http://secunia.com/advisories/28590&gt;

Limitations

Exploit works on Citadel 7.10 on Red Hat Enterprise Linux 4 with ExecShield disabled.

Platforms

Linux

Related

nessus 1
saint 3
prion 1
nvd 1
checkpoint_advisories 1
cve 1
cvelist 1
nessus
nessus
Citadel SMTP makeuserkey Function RCPT TO Command Remote Overflow
2008-01-29 00:00:00
saint
saint
Citadel SMTP server RCPT TO buffer overflow
2008-05-12 00:00:00
Citadel SMTP server RCPT TO buffer overflow
2008-05-12 00:00:00
Citadel SMTP server RCPT TO buffer overflow
2008-05-12 00:00:00
prion
prion
Buffer overflow
2008-01-23 12:00:00
nvd
nvd
CVE-2008-0394
2008-01-23 12:00:00
checkpoint_advisories
checkpoint_advisories
Citadel SMTP RCPT Remote Buffer Overflow - High Confidence (CVE-2008-0394)
2013-05-28 00:00:00
cve
cve
CVE-2008-0394
2008-01-23 12:00:00
cvelist
cvelist
CVE-2008-0394
2008-01-23 11:00:00

0.24 Low

EPSS

Percentile

96.6%

JSON
Related for SAINT:6A6171FA448F97488D1AAFBF56B73611
nessus1saint3prion1nvd1checkpoint_advisories1cve1cvelist1