FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

qmail -- 64 bit integer overflows with possible remote code execution on large SMTP requests

Affected packages
netqmail <= 1.06_4

Details

VuXML ID 8db2f8b2-9e12-11ea-9e83-0cc47ac16c9d
Discovery 2005-05-06
Entry 2005-05-11

Georgi Guninski writes:

There are several issues with qmail on 64 bit platforms - classical integer overflow, pointer with signed index and signedness problem (not counting the memory consumtion dos, which just helps).

Update: the problem with the signed index is exploitable on Freebsd 5.4 amd64 wih a lot of virtual memory.

[source]

The national vulnerability database summarizes:

Integer overflow in the stralloc_readyplus function in qmail, when running on 64 bit platforms with a large amount of virtual memory, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large SMTP request.

[source]

References

CVE Name CVE-2005-1513
CVE Name CVE-2005-1514
CVE Name CVE-2005-1515
URL http://www.guninski.com/where_do_you_want_billg_to_go_today_4.html
URL https://www.qualys.com/2020/05/19/cve-2005-1513/remote-code-execution-qmail.txt

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.