SMTP: Metamail Header Format String 2
This signature detects SMTP messages with headers that contain format string errors. Metamail 2.7 and earlier versions are vulnerable. Because Metamail does not handle SMTP headers correctly, attackers can send maliciously crafted SMTP messages to execute arbitrary code at the same privilege level as the target (typically user). Note: Systems that typically carry non-English e-mail messages should not include this attack object in their Security Policy.
Extended Description
Metamail has been reported prone to multiple vulnerabilities that may provide for arbitrary code execution. Two buffer overflow vulnerabilities have been reported to affect Metamail. Additionally, two format string-handling vulnerabilities have been reported. These issues may also be exploited by a remote attacker to execute arbitrary code.
Affected Products
Sgi propack
Short Name
SMTP:OVERFLOW:METAMAIL-HDR-FS2
Severity
Major
Recommended
False
Recommended Action
None
Category
SMTP
Keywords
2 CVE-2004-0104 Format Header Metamail String bid:9692
Release Date
12/02/2004
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3725
False Positive
Unknown
Vendors
Red_hat
Sgi
Metamail
Gentoo
CVSS Score
7.5