header-logo
Suggest Exploit
vendor:
Citadel SMTP
by:
milw0rm
9.3
CVSS
HIGH
Remote Overflow Exploit
119
CWE
Product Name: Citadel SMTP
Affected Version From: 7.1
Affected Version To: 7.1
Patch Exists: YES
Related CWE: CVE-2008-0455
CPE: a:citadel:citadel_smtp
Metasploit: https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2013-0512/https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2012-1592/https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2012-1591/https://www.rapid7.com/db/vulnerabilities/apache-httpd-cve-2012-2687/https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2013-0130/https://www.rapid7.com/db/vulnerabilities/suse-cve-2008-0455/https://www.rapid7.com/db/vulnerabilities/centos_linux-cve-2008-0455/https://www.rapid7.com/db/vulnerabilities/gentoo-linux-cve-2008-0455/https://www.rapid7.com/db/vulnerabilities/f5-big-ip-cve-2008-0455/https://www.rapid7.com/db/vulnerabilities/linuxrpm-CESA-2008-0146/https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2008-0146/
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Linux
2008

Citadel SMTP <= 7.10 Remote Overflow Exploit

This exploit allows remote attackers to execute arbitrary code via a long string in the USER command.

Mitigation:

Upgrade to Citadel SMTP version 7.11 or later.
Source

Exploit-DB raw data:

Citadel SMTP <= 7.10 Remote Overflow Exploit

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/4949.tar.gz (2008-vs-GNU-citadel.tar.gz)

# milw0rm.com [2008-01-21]

Navigation

Suggest Exploit

Services By CQR