SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (E-mail Server)  >   Courier Mail Server Vendors:   Double Precision, Inc.
Courier Mail Server 'iso2022jp' and 'shiftjis' Buffer Overflows May Let Remote Users Execute Arbitrary Code
SecurityTracker Alert ID:  1009455
SecurityTracker URL:  http://securitytracker.com/id/1009455
CVE Reference:   CVE-2004-0224   (Links to External Site)
Date:  Mar 17 2004
Impact:   Execution of arbitrary code via network, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to 3.0.0
Description:   Some buffer overflow vulnerabilities were reported in the Courier Mail Server. A remote user may be able to execute arbitrary code on the target system.

It is reported that there are buffer overflows in the 'iso2022jp.c' and 'shiftjis.c' files in the processing of unicode characters. A remote user can reportedly send specially crafted unicode text with characters that are outside of the Basic Multilingual Plane (BMP) range to trigger the overflow and potentially execute arbitrary code.

Impact:   A remote user may be able to execute arbitrary code on the target system.
Solution:   The vendor has issued a fixed version (3.0.0), available at:

http://www.courier-mta.org/status.html

Vendor URL:  www.courier-mta.org/ (Links to External Site)
Cause:   Boundary error
Underlying OS:  Linux (Any), UNIX (Any)

Message History:   This archive entry has one or more follow-up message(s) listed below.
Mar 29 2004 (Gentoo Issues Fix) Courier Mail Server 'iso2022jp' and 'shiftjis' Buffer Overflows May Let Remote Users Execute Arbitrary Code
Gentoo has released a fix.



 Source Message Contents

Subject:  http://sourceforge.net/project/shownotes.php?release_id=5767


http://sourceforge.net/project/shownotes.php?release_id=5767

Courier Mail Server

 > Release Name: 3.0.0

 > 2004-02-01 IKEDA Soji <nezumi@jca.apc.org>

 >     * iso2022jp.c: Converters became (upper-)compatible with ISO-2022-JP (RFC1468 / JIS
 > X 0208:1997 Annex 2) and ISO-2022-JP-1 (RFC2237). Buffer overflow vulnerability (when
 > Unicode character is out of BMP range) has been closed. Convert error handling was
 > implemented.
 >
 >     * shiftjis.c: Broken SHIFT_JIS converters has been fixed and became
 > (upper-)compatible with Shifted Encoding Method (JIS X 0208:1997 Annex 1). Buffer
 > overflow vulnerability (when Unicode character is out of BMP range) has been closed.
 > Convert error handling was implemented.


 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2021, SecurityGlobal.net LLC