BL4 SMTP Server Buffer Overflow Vulnerability

BL4 SMTP Server is reported susceptible to a remote buffer-overflow vulnerability in its SMTP service. This issue is due to the application's failure to properly bounds-check user-supplied input before copying it to a finite-sized memory buffer.

This vulnerability allows remote attackers to crash the server, and execute arbitrary machine code in the context of the affected server process.

Version prior to 0.1.5 are reported to be affected by this issue. Other versions may also be affected.


Privacy Statement
Copyright 2010, SecurityFocus