Title: SmartMax MailMax Popmax Buffer Overflow Vulnerability
Severity: CRITICAL
Description:
Smartmax MailMax is an email server for Microsoft Windows operating systems.
Reportedly, MailMax 4.8 is vulnerable to buffer overflow attacks against its POP3 (Post Office Protocol 3) daemon, popmax. The vulnerability occurs due to improper bounds checking of the 'USER' argument.
It is possible for an attacker to cause the buffer overflow condition in popmax by submitting an overly large value for the 'USER' argument. This will cause popmax to crash and execute attacker supplied code.
As popmax is an email server, it will typically run with SYSTEM privileges. Total system compromise is possible.
Affected Products:
- SmartMax Software MailMax 4.8.0
References:
- SmartMax Software: MailMax
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
