• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Axigen AXIMilter Filtering Module Remote Format String Vulnerability

Axigen is prone to a remote format-string vulnerability because the application fails to properly sanitize user-supplied input before including it in the format-specifier argument of a formatted-printing function. Specifically, the issue affects the AXIMilter module.

Successfully exploiting this issue allows remote, unauthenticated attackers to execute arbitrary code in the context of the application. Failed attempts may cause denial-of-service conditions.

This issue affects Axigen 5.0.2; other versions may also be vulnerable.