Facebook Google Plus Twitter LinkedIn YouTube RSS Menu Search Resource - BlogResource - WebinarResource - ReportResource - Eventicons_066 icons_067icons_068icons_069icons_070

Pegasus Mail < 4.02 To/From Header Overflow DoS

High

Synopsis

The remote host is vulnerable to a Denial of Service (DoS) attack.

Description

The remote host is running the Pegasus 4.01 mail client. Pegasus Mail 4.01 (and possibly earlier versions) are vulnerable to a Denial of Service attack caused by a buffer overflow. By sending an email message containing 259 characters or more in either the "From" or "To" message header, a remote attacker can overflow a buffer and crash the system.

Solution

Upgrade to Pegasus Mail 4.02 or higher.