Details of VAR-200006-0120

ID

VAR-200006-0120

TITLE

ITHouse Mail Server 1.04 Remote Overflow Vulnerability

Trust: 1.0

sources: IVD: 7d727d92-463f-11e9-bc5c-000c29342cb1 // IVD: dbe0877e-2080-11e6-abef-000c29c66e3d // CNVD: CNVD-2000-0566

DESCRIPTION

ITHouse mail server 1.04 has a remote overflow vulnerability. The attacker will construct a special email. The "recipient" field of the email contains more than 2270 bytes of data, which will cause the ITHouse mail server to overflow and may execute arbitrary code. & lt; * Source: Delphis Consulting Plc Security Team Advisories [30/05/2000] securityteam@delphisplc.com http://www.delphisplc.com/thinking/whitepapers/ *>

Trust: 0.9

sources: CNVD: CNVD-2000-0566 // IVD: 7d727d92-463f-11e9-bc5c-000c29342cb1 // IVD: dbe0877e-2080-11e6-abef-000c29c66e3d

IOT TAXONOMY

category:

['ICS']

sub_category:

Trust: 1.0

sources: IVD: 7d727d92-463f-11e9-bc5c-000c29342cb1 // IVD: dbe0877e-2080-11e6-abef-000c29c66e3d // CNVD: CNVD-2000-0566

AFFECTED PRODUCTS

vendor:

none

model:

scope:

version:

Trust: 0.6

sources: CNVD: CNVD-2000-0566

CVSS

SEVERITY

CVSSV2

CVSSV3

IVD:	7d727d92-463f-11e9-bc5c-000c29342cb1
value:	HIGH
Trust: 0.2
IVD:	dbe0877e-2080-11e6-abef-000c29c66e3d
value:	LOW
Trust: 0.2

IVD:	7d727d92-463f-11e9-bc5c-000c29342cb1
severity:	HIGH
baseScore:	7.5
vectorString:	AV:N/AC:L/AU:N/C:P/I:P/A:P
accessVector:	NETWORK
accessComplexity:	LOW
authentication:	NONE
confidentialityImpact:	PARTIAL
integrityImpact:	PARTIAL
availabilityImpact:	PARTIAL
exploitabilityScore:	10.0
impactScore:	6.4
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	2.9 [IVD]
Trust: 0.2
IVD:	dbe0877e-2080-11e6-abef-000c29c66e3d
severity:	NONE
baseScore:	NONE
vectorString:	NONE
accessVector:	NONE
accessComplexity:	NONE
authentication:	NONE
confidentialityImpact:	NONE
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
acInsufInfo:	NONE
obtainAllPrivilege:	NONE
obtainUserPrivilege:	NONE
obtainOtherPrivilege:	NONE
userInteractionRequired:	NONE
version:	UNKNOWN
Trust: 0.2

sources: IVD: 7d727d92-463f-11e9-bc5c-000c29342cb1 // IVD: dbe0877e-2080-11e6-abef-000c29c66e3d

TYPE

Buffer overflow

Trust: 0.2

sources: IVD: 7d727d92-463f-11e9-bc5c-000c29342cb1

EXTERNAL IDS

db:	CNVD	id:	CNVD-2000-0566	Trust: 1.0
db:	IVD	id:	7D727D92-463F-11E9-BC5C-000C29342CB1	Trust: 0.2
db:	IVD	id:	DBE0877E-2080-11E6-ABEF-000C29C66E3D	Trust: 0.2

sources: IVD: 7d727d92-463f-11e9-bc5c-000c29342cb1 // IVD: dbe0877e-2080-11e6-abef-000c29c66e3d // CNVD: CNVD-2000-0566

SOURCES

db:	IVD	id:	7d727d92-463f-11e9-bc5c-000c29342cb1
db:	IVD	id:	dbe0877e-2080-11e6-abef-000c29c66e3d
db:	CNVD	id:	CNVD-2000-0566

LAST UPDATE DATE

2022-05-17T01:44:53.961000+00:00

SOURCES UPDATE DATE

db:

CNVD

id:

CNVD-2000-0566

date:

2000-06-02T00:00:00

SOURCES RELEASE DATE

db:	IVD	id:	7d727d92-463f-11e9-bc5c-000c29342cb1	date:	2000-06-02T00:00:00
db:	IVD	id:	dbe0877e-2080-11e6-abef-000c29c66e3d	date:	2000-06-02T00:00:00
db:	CNVD	id:	CNVD-2000-0566	date:	2000-06-02T00:00:00