CVE-2008-1054
Surgemail 3.0 - Real CGI executables Remote Buffer Overflow
Severity Score
6.4
*CVSS v2
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
3
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Stack-based buffer overflow in the _lib_spawn_user_getpid function in (1) swatch.exe and (2) surgemail.exe in NetWin SurgeMail 38k4 and earlier, and beta 39a, allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via an HTTP request with multiple long headers to webmail.exe and unspecified other CGI executables, which triggers an overflow when assigning values to environment variables. NOTE: some of these details are obtained from third party information.
Desbordamiento de búfer basado en pila en la función _lib_spawn_user_getpid de (1) swatch.exe y (2) surgemail.exe en NetWin SurgeMail 38k4 y versiones anteriores, y beta 39a, permite a atacantes remotos provocar una denegación de servicio (caída del demonio) y posiblemente ejecutar código de su elección a través de una petición HTTP con múltiples cabeceras largas de webmail.exe y otros ejecutables CGI no especificados, lo cual dispara un desbordamiento cuando asignan valores a variables de entorno.
NOTA: parte de esta información ha sido obtenida a partir de la información de terceros.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2008-02-25 First Exploit
- 2008-02-27 CVE Reserved
- 2008-02-27 CVE Published
- 2024-05-18 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CAPEC
References (9)
| URL | Tag | Source |
|---|---|---|
| http://securityreason.com/securityalert/3705 | Third Party Advisory | |
| http://www.securityfocus.com/archive/1/488741/100/0/threaded | Mailing List | |
| http://www.securitytracker.com/id?1019500 | Vdb Entry | |
| http://www.vupen.com/english/advisories/2008/0678 | Vdb Entry | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/40834 | Vdb Entry |
| URL | Date | SRC |
|---|---|---|
| https://www.exploit-db.com/exploits/31301 | 2008-02-25 | |
| http://aluigi.altervista.org/adv/surgemailz-adv.txt | 2024-08-07 | |
| http://www.securityfocus.com/bid/27992 | 2024-08-07 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://secunia.com/advisories/29105 | 2018-10-11 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Netwin Search vendor "Netwin" | Surgemail Search vendor "Netwin" for product "Surgemail" | 1.8a Search vendor "Netwin" for product "Surgemail" and version "1.8a" | - |
Affected
| ||||||
| Netwin Search vendor "Netwin" | Surgemail Search vendor "Netwin" for product "Surgemail" | 1.8b3 Search vendor "Netwin" for product "Surgemail" and version "1.8b3" | - |
Affected
| ||||||
| Netwin Search vendor "Netwin" | Surgemail Search vendor "Netwin" for product "Surgemail" | 1.8d Search vendor "Netwin" for product "Surgemail" and version "1.8d" | - |
Affected
| ||||||
| Netwin Search vendor "Netwin" | Surgemail Search vendor "Netwin" for product "Surgemail" | 1.8e Search vendor "Netwin" for product "Surgemail" and version "1.8e" | - |
Affected
| ||||||
| Netwin Search vendor "Netwin" | Surgemail Search vendor "Netwin" for product "Surgemail" | 1.8g3 Search vendor "Netwin" for product "Surgemail" and version "1.8g3" | - |
Affected
| ||||||
| Netwin Search vendor "Netwin" | Surgemail Search vendor "Netwin" for product "Surgemail" | 1.9 Search vendor "Netwin" for product "Surgemail" and version "1.9" | - |
Affected
| ||||||
| Netwin Search vendor "Netwin" | Surgemail Search vendor "Netwin" for product "Surgemail" | 1.9b2 Search vendor "Netwin" for product "Surgemail" and version "1.9b2" | - |
Affected
| ||||||
| Netwin Search vendor "Netwin" | Surgemail Search vendor "Netwin" for product "Surgemail" | 2.0a2 Search vendor "Netwin" for product "Surgemail" and version "2.0a2" | - |
Affected
| ||||||
| Netwin Search vendor "Netwin" | Surgemail Search vendor "Netwin" for product "Surgemail" | 2.0c Search vendor "Netwin" for product "Surgemail" and version "2.0c" | - |
Affected
| ||||||
| Netwin Search vendor "Netwin" | Surgemail Search vendor "Netwin" for product "Surgemail" | 2.0e Search vendor "Netwin" for product "Surgemail" and version "2.0e" | - |
Affected
| ||||||
| Netwin Search vendor "Netwin" | Surgemail Search vendor "Netwin" for product "Surgemail" | 2.0g2 Search vendor "Netwin" for product "Surgemail" and version "2.0g2" | - |
Affected
| ||||||
| Netwin Search vendor "Netwin" | Surgemail Search vendor "Netwin" for product "Surgemail" | 2.1a Search vendor "Netwin" for product "Surgemail" and version "2.1a" | - |
Affected
| ||||||
| Netwin Search vendor "Netwin" | Surgemail Search vendor "Netwin" for product "Surgemail" | 2.1c7 Search vendor "Netwin" for product "Surgemail" and version "2.1c7" | - |
Affected
| ||||||
| Netwin Search vendor "Netwin" | Surgemail Search vendor "Netwin" for product "Surgemail" | 2.2a6 Search vendor "Netwin" for product "Surgemail" and version "2.2a6" | - |
Affected
| ||||||
| Netwin Search vendor "Netwin" | Surgemail Search vendor "Netwin" for product "Surgemail" | 2.2c9 Search vendor "Netwin" for product "Surgemail" and version "2.2c9" | - |
Affected
| ||||||
| Netwin Search vendor "Netwin" | Surgemail Search vendor "Netwin" for product "Surgemail" | 2.2c10 Search vendor "Netwin" for product "Surgemail" and version "2.2c10" | - |
Affected
| ||||||
| Netwin Search vendor "Netwin" | Surgemail Search vendor "Netwin" for product "Surgemail" | 2.2g2 Search vendor "Netwin" for product "Surgemail" and version "2.2g2" | - |
Affected
| ||||||
| Netwin Search vendor "Netwin" | Surgemail Search vendor "Netwin" for product "Surgemail" | 2.2g3 Search vendor "Netwin" for product "Surgemail" and version "2.2g3" | - |
Affected
| ||||||
| Netwin Search vendor "Netwin" | Surgemail Search vendor "Netwin" for product "Surgemail" | 3.0a Search vendor "Netwin" for product "Surgemail" and version "3.0a" | - |
Affected
| ||||||
| Netwin Search vendor "Netwin" | Surgemail Search vendor "Netwin" for product "Surgemail" | 3.0c2 Search vendor "Netwin" for product "Surgemail" and version "3.0c2" | - |
Affected
| ||||||
| Netwin Search vendor "Netwin" | Surgemail Search vendor "Netwin" for product "Surgemail" | 3.1s Search vendor "Netwin" for product "Surgemail" and version "3.1s" | - |
Affected
| ||||||
| Netwin Search vendor "Netwin" | Surgemail Search vendor "Netwin" for product "Surgemail" | 3.8f3 Search vendor "Netwin" for product "Surgemail" and version "3.8f3" | - |
Affected
| ||||||
| Netwin Search vendor "Netwin" | Surgemail Search vendor "Netwin" for product "Surgemail" | 3.8i Search vendor "Netwin" for product "Surgemail" and version "3.8i" | - |
Affected
| ||||||
| Netwin Search vendor "Netwin" | Surgemail Search vendor "Netwin" for product "Surgemail" | 3.8i2 Search vendor "Netwin" for product "Surgemail" and version "3.8i2" | - |
Affected
| ||||||
| Netwin Search vendor "Netwin" | Surgemail Search vendor "Netwin" for product "Surgemail" | 3.8i3 Search vendor "Netwin" for product "Surgemail" and version "3.8i3" | - |
Affected
| ||||||
| Netwin Search vendor "Netwin" | Surgemail Search vendor "Netwin" for product "Surgemail" | 38k Search vendor "Netwin" for product "Surgemail" and version "38k" | - |
Affected
| ||||||
| Netwin Search vendor "Netwin" | Surgemail Search vendor "Netwin" for product "Surgemail" | 38k4 Search vendor "Netwin" for product "Surgemail" and version "38k4" | - |
Affected
| ||||||