Matteo Memelli

**Name of the Vulnerable Software and Affected Versions** FRRouting versions through 9.0 **Description** The issue is related to the processing of malformed requests without attributes in the bgpd/bgp flowspec.c file of FRRouting, a software for implementing network routing on Unix-like systems. This can lead to a NULL pointer dereference. Exploitation of this issue may allow a remote attacker to cause a denial of service. **Recommendations** For versions through 9.0, consider disabling the `bgp nlri parse flowspec` function in `bgpd/bgp flowspec.c` as a temporary workaround until a patch is available. Restrict access to the `bgpd/bgp flowspec.c` module to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** lldpd versions prior to 1.0.17 **Description** An issue was discovered in the handling of CDP PDU packets with specific `CDP TLV ADDRESSES` TLVs. A malicious actor can remotely force the lldpd daemon to perform an out-of-bounds read on heap memory. This occurs in the `cdp decode` function in `daemon/protocols/cdp.c`. The vulnerability may allow a remote attacker to impact the confidentiality, integrity, and availability of protected information. **Recommendations** For versions prior to 1.0.17, update to version 1.0.17 or later to resolve the issue. As a temporary workaround, consider restricting access to the `cdp decode` function in `daemon/protocols/cdp.c` to minimize the risk of exploitation. Avoid using the `CDP TLV ADDRESSES` TLVs in CDP PDU packets until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** CA ARCserve Backup versions r12.5 through r16 **Description** The issue is related to the server in CA ARCserve Backup not properly processing RPC requests. This allows remote attackers to execute arbitrary code or cause a denial of service via a crafted request. **Recommendations** For CA ARCserve Backup versions r12.5 through r16, update to a version that properly processes RPC requests to prevent remote attackers from executing arbitrary code or causing a denial of service.

**Name of the Vulnerable Software and Affected Versions** CA ARCserve Backup versions r12.5 through r16 **Description** The issue is related to the improper validation of RPC requests in the server and agent components, which can be exploited by remote attackers to cause a denial of service, resulting in a service crash, via a crafted request. **Recommendations** For CA ARCserve Backup versions r12.5 through r16, consider restricting access to the RPC service to minimize the risk of exploitation until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Apple iTunes versions prior to 8.2 **Description** The issue is a stack-based buffer overflow that allows remote attackers to execute arbitrary code or cause a denial of service, resulting in an application crash. This can be achieved via a crafted `itms:` URL with a long URL component after a colon. **Recommendations** For Apple iTunes versions prior to 8.2, update to version 8.2 or later to resolve the issue. As a temporary workaround, consider avoiding the use of `itms:` URLs with long components after a colon until the update is applied.

**Name of the Vulnerable Software and Affected Versions** BigAnt Messenger version 2.2 **Description** The issue is a stack-based buffer overflow in the AntServer module, allowing remote attackers to execute arbitrary code via a long URI in a request to TCP port 6080. **Recommendations** For BigAnt Messenger version 2.2, at the moment, there is no information about a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting access to the AntServer module until a patch is available. Avoid using long URIs in requests to TCP port 6080 to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** NetWin Surgemail versions 3.8k4-4 and earlier **Description** The issue is a stack-based buffer overflow in the IMAP service, allowing remote authenticated users to execute arbitrary code. This is achieved by providing a long first argument to the LIST command. **Recommendations** For versions 3.8k4-4 and earlier, update to a version later than 3.8k4-4 to resolve the issue. As a temporary workaround, consider restricting access to the IMAP service until a patch is available. Avoid using long arguments with the LIST command in the affected IMAP service to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Alt-N Technologies MDaemon version 9.6.4 **Description** The issue is related to a stack-based buffer overflow in the IMAP server. It can be triggered by a remote authenticated user via a FETCH command with a long BODY, potentially allowing the execution of arbitrary code. **Recommendations** For Alt-N Technologies MDaemon version 9.6.4, update to a newer version that contains a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** MailEnable Standard Edition versions 1.x and earlier MailEnable Professional Edition versions 3.x and earlier MailEnable Enterprise Edition versions 3.x and earlier **Description** The issue affects the SMTP service, allowing remote attackers to cause a denial of service via crafted commands, specifically EXPN or VRFY commands. **Recommendations** For MailEnable Standard Edition versions 1.x and earlier, update to a version later than 1.x to resolve the issue. For MailEnable Professional Edition versions 3.x and earlier, update to a version later than 3.x to resolve the issue. For MailEnable Enterprise Edition versions 3.x and earlier, update to a version later than 3.x to resolve the issue.