SMTP: Metamail Header Overflow 2
This signature detects SMTP messages with large headers that contain character set information. Metamail 2.7 and earlier versions are vulnerable. Because Metamail does not handle SMTP headers correctly, attackers can send maliciously crafted SMTP messages to execute arbitrary code at the same privilege level as the target (typically a user). Note: Systems that typically carry non-English e-mail messages should not include this attack object in their Security Policy.
Extended Description
Metamail has been reported prone to multiple vulnerabilities that may provide for arbitrary code execution. Two buffer overflow vulnerabilities have been reported to affect Metamail. Additionally, two format string-handling vulnerabilities have been reported. These issues may also be exploited by a remote attacker to execute arbitrary code.
Affected Products
Sgi propack
Short Name
SMTP:OVERFLOW:METAMAIL-HDR-OF2
Severity
Major
Recommended
False
Recommended Action
None
Category
SMTP
Keywords
2 CVE-2004-0104 Header Metamail Overflow bid:9692
Release Date
11/17/2004
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3375
False Positive
Unknown
Vendors
Red_hat
Sgi
Metamail
Gentoo
CVSS Score
7.5