POP3: Axigen Remote Format String
This signature detects attempts to exploit a known vulnerability against Axigen email server. A successful attack can lead to arbitrary code execution.
Extended Description
Axigen is prone to a remote format-string vulnerability because the application fails to properly sanitize user-supplied input before including it in the format-specifier argument of a formatted-printing function. Successfully exploiting this issue allows remote, unauthenticated attackers to execute arbitrary code with superuser privileges, since the daemon typically runs with elevated privileges. This facitates the complete compromise of affected computers. Axigen version 2.0.0-beta1 is vulnerable to this issue; other versions may also be affected.
Affected Products
Gecad_technologies axigen_mail_server
Short Name
POP3:OVERFLOW:AXIGEN-FS
Severity
Major
Recommended
False
Recommended Action
Drop
Category
POP3
Keywords
Axigen Format Remote String bid:22603
Release Date
11/09/2011
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Gecad_technologies