GEN:SID | 1:2241 |
Message | WEB-MISC cwmail.exe access |
Summary | This event is generated when an attempt is made to exploit a known vulnerablity in NetWin CWMail 2.7.
|
Impact | Serious. Execution of arbitrary code is possible.
|
Detailed Information | Certain versions of NetWin CWMail suffer from a buffer overflow condition that can present an attacker with the opportunity to execute code of their choosing on the server.
|
Affected Systems | NetWin CWMail 2.7, a, b, c, d, f, i, j, k, l, m, n, o, p, q, s and t |
Attack Scenarios | The attacker would need to supply a large amount of characters to the "item=" parameter which could then cause the overflow condition to occur.
|
Ease of Attack | Simple.
|
Corrective Action | Upgrade to the latest non-affected version of the software.
|
Additional References | Bugtraq: http://www.securityfocus.com/bid/4093
|
Rule References | bugtraq: 4093
cve: 2002-0273
nessus: 11727
|