Description
Integer overflow in the stralloc_readyplus function in qmail, when running on 64-bit platforms with a large amount of virtual memory, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large SMTP request.
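The description above names the bug class but not the arithmetic behind it. The following is an added illustrative model written for this page, not qmail's own code: it assumes a stralloc-style buffer whose length and capacity are 32-bit unsigned ints on a 64-bit host, and shows the readyplus-style growth check computing len + n in that type (so the sum wraps once the buffer approaches 4 GiB and the capacity check wrongly passes) next to a hardened check that refuses the request instead. The names readyplus_target_vuln, readyplus_target_safe, sa_model and sa_append_safe are this example's own.

```c
#include <limits.h>
#include <stdlib.h>
#include <string.h>

/* Illustrative model, not qmail's code: a stralloc-style buffer that keeps its
 * length and capacity as 32-bit unsigned ints. On a 64-bit host a process with
 * plenty of virtual memory can legitimately hold a buffer close to 4 GiB, so
 * len + n can exceed UINT_MAX. */
typedef struct {
    char *s;          /* heap buffer */
    unsigned int len; /* bytes in use */
    unsigned int a;   /* bytes allocated */
} sa_model;

/* Vulnerable growth check in the style of a readyplus function: returns the
 * capacity to grow to, or 0 when the buffer is judged already large enough.
 * len + n is computed in unsigned int and wraps silently; after a wrap the
 * comparison i > a is false, no growth happens, and the caller's memcpy of
 * n bytes at s + len runs past the end of the allocation. */
unsigned int readyplus_target_vuln(unsigned int len, unsigned int a, unsigned int n)
{
    unsigned int i = len + n;  /* wraps when len + n >= 2^32 */
    if (i > a)
        return i;
    return 0;
}

/* Hardened variant: reject the request when len + n does not fit the 32-bit
 * length type instead of letting it wrap. Returns 0 on success and -1 on
 * overflow; *target is the capacity to grow to, or 0 if no growth is needed. */
int readyplus_target_safe(unsigned int len, unsigned int a, unsigned int n,
                          unsigned int *target)
{
    if (n > UINT_MAX - len)
        return -1;
    unsigned int i = len + n;
    *target = (i > a) ? i : 0;
    return 0;
}

/* Append n bytes using the hardened check. Returns 1 on success and 0 on
 * failure (length overflow or allocation failure), mirroring the 1/0 return
 * convention of the stralloc API. */
int sa_append_safe(sa_model *x, const char *src, unsigned int n)
{
    unsigned int target;
    if (readyplus_target_safe(x->len, x->a, n, &target) != 0)
        return 0;
    if (target != 0) {
        char *p = realloc(x->s, target);
        if (p == NULL)
            return 0;
        x->s = p;
        x->a = target;
    }
    memcpy(x->s + x->len, src, n);
    x->len += n;
    return 1;
}
```

With len = 0xFFFFFFF0 and a = 0xFFFFFFF8 (a buffer just under 4 GiB, which only a 64-bit process with a large address space can hold), readyplus_target_vuln(len, a, 0x20) computes 0x10, sees it is not larger than a, and reports "no growth needed", so the subsequent 32-byte write lands beyond the allocation; readyplus_target_safe returns -1 for the same input. This is why the advisory scopes the bug to 64-bit hosts with lots of virtual memory: on a 32-bit host the buffer cannot get large enough for the 32-bit sum to wrap.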
CVSS breakdown
CVSS 3.1
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Affected products
- Canonical / Ubuntu Linux 20.04 – 20.04
- Debian / debian_linux 8.0 – 8.0
- Debian / debian_linux 9.0 – 9.0
- Debian / debian_linux 10.0 – 10.0
- qmail_project / qmail
References
- MISC: http://archives.neohapsis.com/archives/fulldisclosure/2005-05/0101.html
- MISC: http://www.guninski.com/where_do_you_want_billg_to_go_today_4.html
- MISC: http://securitytracker.com/id?1013911
- MAILING_LIST: http://www.openwall.com/lists/oss-security/2020/05/19/8
- MAILING_LIST: http://www.openwall.com/lists/oss-security/2020/05/20/2
- MAILING_LIST: http://www.openwall.com/lists/oss-security/2020/05/20/5
- MAILING_LIST: http://seclists.org/fulldisclosure/2020/May/42
- EXPLOIT: http://packetstormsecurity.com/files/157805/Qualys-Security-Advisory-Qmail-Remote-Code-Execution.html
- VENDOR_ADVISORY: https://www.debian.org/security/2020/dsa-4692
- MAILING_LIST: https://lists.debian.org/debian-lts-announce/2020/06/msg00002.html
- MAILING_LIST: http://www.openwall.com/lists/oss-security/2020/06/16/2
- MAILING_LIST: http://seclists.org/fulldisclosure/2020/Jun/27
- EXPLOIT: http://packetstormsecurity.com/files/158203/Qmail-Local-Privilege-Escalation-Remote-Code-Execution.html
- MISC: https://security.gentoo.org/glsa/202007-01
- VENDOR_ADVISORY: https://usn.ubuntu.com/4556-1/
- MAILING_LIST: http://www.openwall.com/lists/oss-security/2023/06/06/3
- MAILING_LIST: http://seclists.org/fulldisclosure/2023/Jun/2
- EXPLOIT: http://packetstormsecurity.com/files/172804/RenderDoc-1.26-Local-Privilege-Escalation-Remote-Code-Execution.html