BID:51440

Spamdyke Multiple Remote Buffer Overflow Vulnerabilities

Info

Spamdyke Multiple Remote Buffer Overflow Vulnerabilities

Bugtraq ID:	51440
Class:	Boundary Condition Error
CVE:	CVE-2012-0802
Remote:	Yes
Local:	No
Published:	Jan 17 2012 12:00AM
Updated:	Mar 06 2012 04:40PM
Credit:	Reported by the vendor
Vulnerable:	spamdyke spamdyke 3.1.8 spamdyke spamdyke 3.1.7 spamdyke spamdyke 3.1.6 spamdyke spamdyke 3.1.5 spamdyke spamdyke 4.2.1 spamdyke spamdyke 4.2 Gentoo Linux

Not Vulnerable:	spamdyke spamdyke 4.3.0

Discussion

Spamdyke Multiple Remote Buffer Overflow Vulnerabilities

Spamdyke is prone to multiple remote buffer-overflow vulnerabilities.

Attackers can leverage these issues to execute arbitrary code in the context of the application. Failed exploit attempts will cause a denial-of-service condition.

Spamdyke versions prior to 4.3.0 are vulnerable.

Exploit / POC

Spamdyke Multiple Remote Buffer Overflow Vulnerabilities

Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Solution / Fix

Spamdyke Multiple Remote Buffer Overflow Vulnerabilities

Solution:
Updates are available. Please see the references for more information.

References

Spamdyke Multiple Remote Buffer Overflow Vulnerabilities

References:

[spamdyke-release] New version: spamdyke 4.3.0 (spamdyke)
spamdyke Homepage (spamdyke)
spamdyke Release Notes (spamdyke)