PT-2005-1103 · Dan Bernstein+2 · Qmail+2
Georgi Guninski · Published 2005-05-11 · Updated 2024-02-08 · CVE-2005-1513
CVSS v3.1: 9.8 (Critical)
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
qmail (affected versions not specified)
Description
The issue is caused by an integer overflow in the stralloc_readyplus function in qmail. This allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large SMTP request, particularly when running on 64-bit platforms with a large amount of virtual memory. Researchers from Qualys demonstrated that this vulnerability, which has been known since 2005, is exploitable by preparing an exploit that achieves remote code execution on the server by sending a specially crafted message.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
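The bug class named in the description, shown as an added example that is not qmail's code: a buffer-growth routine whose size arithmetic wraps, next to a checked version. The struct, the function names and the 32-bit length fields are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdlib.h>

/* Hypothetical growable byte buffer (assumption: 32-bit length fields). */
struct buf {
    char    *s;
    uint32_t len;  /* bytes in use */
    uint32_t cap;  /* bytes allocated */
};

/* Unchecked pattern: the sum is computed modulo 2^32, so a large len plus a
 * large n yields a small "needed" size and a later copy overruns the buffer. */
uint32_t need_unchecked(uint32_t len, uint32_t n)
{
    return len + n;
}

/* Checked pattern: make room for n more bytes.
 * Returns 1 on success, 0 if the size would wrap or allocation fails.
 * On failure the buffer is left untouched. */
int buf_readyplus(struct buf *b, uint32_t n)
{
    uint32_t need, newcap;
    char *p;

    if (n > UINT32_MAX - b->len)      /* len + n would wrap */
        return 0;
    need = b->len + n;
    if (need <= b->cap)               /* already large enough */
        return 1;

    newcap = need;
    if (newcap <= UINT32_MAX - 32)    /* add headroom only if it cannot wrap */
        newcap += 32;

    p = realloc(b->s, newcap);
    if (p == NULL)
        return 0;
    b->s = p;
    b->cap = newcap;
    return 1;
}
```

Callers have to treat a 0 return as a hard failure and stop processing the request; limiting the memory available to the process also keeps lengths far below the wrap point.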
Exploit
DoS
Integer Overflow
Weakness Enumeration
Related identifiers
Affected products
Linuxmint
Ubuntu
Qmail