Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple buffer overflows in eXtremail 2.1.1 and earlier allow remote attackers to (1) have an unknown impact by sending multiple long strings to the IMAP port (143/tcp); (2) execute arbitrary code via a long string in an IMAP AUTHENTICATE PLAIN action, involving the ifParseAuthPlain function; (3) execute arbitrary code via a long LOGIN command to the admin interface port (4501/tcp); or (4) execute arbitrary code via a long string in an IMAP AUTHENTICATE LOGIN (aka CRAM-MD5 authentication) action, involving the ifProcImapAuth1 function.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
eXtremail多个远程溢出漏洞
Vulnerability Description
eXtremail是一个pop3/smtpd邮件服务软件,可以运行在Linux和AIX系统下。 eXtremail在验证memmove()的长度参数时存在整数下溢漏洞,管理接口和PLAIN认证中存在栈溢出漏洞,CRAM-MD5认证和recv()循环中存在堆溢出漏洞。如果远程攻击者向邮件服务台发布的畸形请求的话,就可以触发这些溢出,导致拒绝服务或执行任意代码。
CVSS Information
N/A
Vulnerability Type
N/A