QK SMTP Remote Buffer Overflow Vulnerability

QK SMTP is prone to a remote buffer-overflow vulnerability because the application fails to bounds-check user-supplied data before copying it into an insufficiently sized buffer.

An attacker can exploit this issue to execute arbitrary code in the context of the affected application. This may facilitate a remote-compromise of affected computers. Failed exploit attempts will likely crash the server, effectively denying service to legitimate users.

QK SMTP 3.01 and prior versions are vulnerable to this issue.


 

Privacy Statement
Copyright 2010, SecurityFocus