icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons icons_061

McAfee WebShield < 4.5 MR2 Bounced Emails Format String

High

Synopsis

The remote host is vulnerable to a remote 'format string' flaw.

Description

The remote host is running the McAfee WebShield SMTP server. This version of WebShield is vulnerable to a flaw in the way that it processes 'bounced' emails. An attacker can send a malformed email that, upon being bounced, will overflow the remote mail server.

Solution

Upgrade to version 4.5 MR2 or higher.