Ads GFI MailSecurity Web Module Buffer Overflow Tuesday, 18 October 2005 Vulnerable Systems: * GFI MailSecurity version 8.1 Immune Systems: * GFI MailSecurity version 8.x patched with MSEC8_PATCH_20050919_01.zip An exploitable Buffer Overflow within the HTTP management interface has been identified. By sending large strings within several areas of the HTTP request (such as a large Host or Accept header) critical portions of memory are overwritten. Verification of this vulnerability can be achieved through the use of a HTTP fuzzer, such as @stake webproxy. Successful exploitation could allow an attacker to gain administrative control of the targeted host. Vendor Response: Vendor released patch and public notice. http://kbase.gfi.com/showarticle.asp?id=KBID002451 ftp://ftp.gfi.com/patches/MSEC8_PATCH_20050919_01.zip   < Prev   Next > [ Back ]

Main Menu SpamAlerts | Windows | Linux | Tutorials | Excell | WhitePapers | News | Spam | Virus Windows Focus VNews Vulnerability Hacking Sql Injection map Downloads Affiliates Online Store Free Ringtones Seo Directory IWebListin Jobs in India Freshers Jobs listings. Winkeyfinder

Copyright 2005-2007 SpamAlertz.com, Content on this site is From variuos other emails, and Advisories.