CVE-2005-3182: Buffer Overflow
First published: Thu Oct 20 2005(Updated: )
Buffer overflow in the HTTP management interface for GFI MailSecurity 8.1 allows remote attackers to execute arbitrary code via long headers such as (1) Host and (2) Accept in HTTP requests. NOTE: the vendor suggests that this issues is "in an underlying Microsoft technology" which, if true, could mean that the overflow affects other products as well.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| GFI MailSecurity | =8.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://kbase.gfi.com/showarticle.asp?id=KBID002451
- http://www.securityfocus.com/bid/15081
- http://secunia.com/advisories/17136/
- http://securitytracker.com/id?1015046
- http://archives.neohapsis.com/archives/fulldisclosure/2005-10/0290.html
- http://www.osvdb.org/19926
- http://securityreason.com/securityalert/74
- http://marc.info/?l=bugtraq&m=112914475508191&w=2
- collector/nvd-historical
- collector/nvd-index
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/type
- agent/description
- agent/event
- agent/softwarecombine
- agent/remedy
- agent/first-publish-date
- agent/last-modified-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/gfi
- canonical/gfi mailsecurity
- version/gfi mailsecurity/8.1