qwik-smtpd HELO Buffer Overflow Vulnerability

Vulnerability ID: 1108352 Vulnerability type: Buffer overflow
Published: 2004-12-15 Updated: 2005-01-10
CVE ID: CVE-2004-1291 CNNVD-ID: CNNVD-200501-153
Platform: Linux CVSS score: 7.5
|Vulnerability source
https://www.exploit-db.com/exploits/25004
https://www.securityfocus.com/bid/82617
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200501-153
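|Vulnerability details
qwik-smtpd is an open-source SMTP server. It contains a buffer overflow vulnerability: a remote attacker can send an overlong HELO command that modifies the adjacent localIP data buffer, which allows the attacker to use the server as a spam relay.
|Exploit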
source: www.securityfocus.com/bid/11989/info

QwikMail (qwik-smtpd) is reported prone to a remotely exploitable buffer overflow vulnerability. The issue is due to insufficient bounds checking of client-supplied SMTP HELO request data.

This issue could theoretically be exploited to execute arbitrary code. Due to the memory layout, it is also reportedly possible to overwrite an adjacent buffer in a manner that will allow a remote attacker to abuse the server as an unauthorized mail relay. 

HELO AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA127.0.0.1
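
The bounds check whose absence the advisory describes, as an added example (not qwik-smtpd's own code). The `session` struct, `set_helo`, the 32-byte buffer size and the sample addresses are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define HELO_MAX 32  /* assumed buffer size, not taken from the project */

/* Hypothetical session state: the HELO name sits next to localIP,
   the adjacent buffer the advisory says can be overwritten. */
struct session {
    char clientHELO[HELO_MAX];
    char localIP[64];
};

/* Parse "HELO <name>" with a length check. Returns 0 on success,
   -1 if the verb is wrong or the name is empty or does not fit
   (the caller would answer with a 501 syntax error). */
int set_helo(struct session *s, const char *line)
{
    if (strncmp(line, "HELO ", 5) != 0 && strncmp(line, "EHLO ", 5) != 0)
        return -1;
    const char *arg = line + 5;
    size_t len = strcspn(arg, "\r\n");      /* name ends at CR/LF */
    if (len == 0 || len >= sizeof s->clientHELO)
        return -1;                          /* reject, never truncate */
    memcpy(s->clientHELO, arg, len);
    s->clientHELO[len] = '\0';
    return 0;
}

/* Run set_helo on a fresh session; return 1 if localIP is unchanged. */
int local_ip_intact_after(const char *line, int *rc)
{
    struct session s;
    memset(&s, 0, sizeof s);
    strcpy(s.localIP, "192.0.2.10");        /* constructed sample address */
    *rc = set_helo(&s, line);
    return strcmp(s.localIP, "192.0.2.10") == 0;
}

int main(void)
{
    int rc, ok;
    ok = local_ip_intact_after("HELO AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA127.0.0.1\r\n", &rc);
    printf("overlong: rc=%d localIP intact=%d\n", rc, ok);
    ok = local_ip_intact_after("HELO mail.example.org\r\n", &rc);
    printf("normal:   rc=%d localIP intact=%d\n", rc, ok);
    return 0;
}
```

Rejecting the overlong name outright, rather than truncating it, keeps the stored HELO value from silently differing from what the client sent and leaves the neighbouring buffer untouched.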
|Affected products
Amir Malik Qwik Smtpd 0
|References

Source: XF
Name: qwilmail-smtp-helo-open-relay(18555)
Link: http://xforce.iss.net/xforce/xfdb/18555
Source: MISC
Link: http://tigger.uic.edu/~jlongs2/holes/qwik-smtpd.txt