CVE-2008-1498
published 2008-03-25CVE-2008-1498: Stack-based buffer overflow in the IMAP service in NetWin Surgemail 3.8k4-4 and earlier allows remote authenticated users to execute arbitrary code via a long…
PriorityP351critical9CVSS 2.0
AVNACLAuSCCICAC
EXPLOIT
EPSS
7.56%
93.8th percentile
Stack-based buffer overflow in the IMAP service in NetWin Surgemail 3.8k4-4 and earlier allows remote authenticated users to execute arbitrary code via a long first argument to the LIST command.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| netwin | surgemail | <= 3.8k4 | — |
| netwin | surgemail | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-9g26-m4cr-3gm2: Buffer overflow in the IMAP service in NetWin Surgemail 3
ghsa_unreviewed·2022-05-17·CVSS 9.0
CVE-2008-7182 [CRITICAL] CWE-119 GHSA-9g26-m4cr-3gm2: Buffer overflow in the IMAP service in NetWin Surgemail 3
Buffer overflow in the IMAP service in NetWin Surgemail 3.9e, and possibly other versions before 3.9g2, allows remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a long first argument to the APPEND command, a different vector than CVE-2008-1497 and CVE-2008-1498. NOTE: due to lack of details, it is not certain whether this is the same issue as CVE-2008-2859.
GHSA
GHSA-vhqg-5v8p-7r24: Stack-based buffer overflow in the IMAP service in NetWin Surgemail 3
ghsa_unreviewed·2022-05-01
CVE-2008-1498 [HIGH] CWE-119 GHSA-vhqg-5v8p-7r24: Stack-based buffer overflow in the IMAP service in NetWin Surgemail 3
Stack-based buffer overflow in the IMAP service in NetWin Surgemail 3.8k4-4 and earlier allows remote authenticated users to execute arbitrary code via a long first argument to the LIST command.
No detection rules found.
No writeups or analysis indexed.
http://secunia.com/advisories/29105http://www.netwinsite.com/surgemail/help/updates.htmhttp://www.securityfocus.com/bid/28260http://www.vupen.com/english/advisories/2008/0901/referenceshttps://www.exploit-db.com/exploits/5259http://secunia.com/advisories/29105http://www.netwinsite.com/surgemail/help/updates.htmhttp://www.securityfocus.com/bid/28260http://www.vupen.com/english/advisories/2008/0901/referenceshttps://www.exploit-db.com/exploits/5259
2008-03-25
Published