Citadel/UX select() Bitmap Array Index Remote Oerflow

Critical Nessus Plugin ID 16245


The remote messaging service has a buffer overflow vulnerability.


The remote host is running Citadel/UX, a messaging server for Unix.

The remote version of this software is vulnerable to a buffer overflow when performing a select() system call while providing very high file descriptors. A remote attacker may exploit this flaw to modify at least one byte in memory. This could lead to a denial of service, or possibly arbitrary code execution.


Upgrade to Citadel 6.29 or later.

See Also

Plugin Details

Severity: Critical

ID: 16245

File Name: citadel_select_overflow.nasl

Version: $Revision: 1.12 $

Type: remote

Published: 2005/01/25

Modified: 2016/11/15

Dependencies: 13856

Risk Information

Risk Factor: Critical


Base Score: 10

Temporal Score: 8.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:F/RL:OF/RC:C

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 2005/01/26

Reference Information

BID: 12344

OSVDB: 13274

Secunia: 14026