Email virus scanner crash

Vendor: WebShield SMTP
By: Unknown
CVSS: 5.5 (MEDIUM)
CWE: 20
Product Name: WebShield SMTP
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: NO
Related CWE: CVE-1999-1173
CPE: a:network_associates:webshield_smtp
Metasploit:
Other Scripts:
Platforms Tested: Unknown

Network Associates WebShield SMTP Outgoing Email Crash Vulnerability

Sending an outgoing email containing six "%20" followed by any character within the recipient field crashes the WebShield SMTP application, resulting in an access violation error. It is unverified whether arbitrary code execution is possible.

Mitigation:

Restarting the WebShield SMTP application is required to regain normal functionality. The issue can be mitigated by applying the vendor's patch or by upgrading to a non-vulnerable version.

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/1999/info

Network Associates WebShield SMTP is an email virus scanner designed for internet gateways.

If WebShield SMTP receives an outgoing email containing six "%20" followed by any character within the recipient field, the application crashes with an access violation error while processing the email. WebShield SMTP must be restarted to regain normal functionality. It has not been verified whether arbitrary code can be executed on the target system if specially crafted code is inserted into the buffer.

recipient@f%20f%20f%20f%20f%20f%20f
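
A gateway-side check for the recipient pattern described above, as an added example that is not part of the original advisory or any vendor code. It assumes the "%20" sequences may be interleaved with other characters, as in the sample recipient; the function names and the SMTP log lines are constructed for illustration.

```python
import re

# Threshold taken from the advisory text: six "%20" sequences, each followed
# by at least one more character, inside the recipient field.
PCT20_THRESHOLD = 6

# Matches an SMTP "RCPT TO:<addr>" command line (angle brackets optional).
RCPT_RE = re.compile(r"^\s*RCPT\s+TO:\s*<?([^>\s]*)>?", re.IGNORECASE)
# "%20" followed by any character (lookahead so adjacent sequences all count).
PCT20_RE = re.compile(r"%20(?=.)")


def count_pct20(recipient: str) -> int:
    """Number of "%20" sequences that have a character after them."""
    return len(PCT20_RE.findall(recipient))


def suspicious_recipients(smtp_lines):
    """Return (line_no, recipient, count) for RCPT TO lines at or over the threshold."""
    hits = []
    for line_no, line in enumerate(smtp_lines, start=1):
        m = RCPT_RE.match(line)
        if not m:
            continue  # not a RCPT TO command
        n = count_pct20(m.group(1))
        if n >= PCT20_THRESHOLD:
            hits.append((line_no, m.group(1), n))
    return hits


# Constructed SMTP command log (not captured traffic); hostnames are examples.
SAMPLE_LOG = [
    "HELO client.example.test",
    "MAIL FROM:<alice@example.test>",
    "RCPT TO:<bob@example.test>",
    "RCPT TO:<first%20last@example.test>",
    "RCPT TO:<recipient@f%20f%20f%20f%20f%20f%20f>",
    "rcpt to: recipient@a%20b%20c%20d%20e%20f",
    "DATA",
]

if __name__ == "__main__":
    for line_no, rcpt, n in suspicious_recipients(SAMPLE_LOG):
        print(f"line {line_no}: {n} x %20 in recipient {rcpt!r}")
```

Run ahead of the scanner (for example in an MTA policy hook or over relay logs), this flags only the fifth line of the sample, while a single encoded space or five sequences pass.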