CVE-2002-0432

Name of the Vulnerable Software and Affected Versions Citadel/UX versions 5.90 and earlier

Description The issue is related to buffer overflow in the lprintf and cprintf functions within the sysdep.c file. This can be exploited by remote attackers through specific attacks, such as a long HELO command to the SMTP server, potentially leading to a denial of service or the execution of arbitrary code.

Recommendations For Citadel/UX versions 5.90 and earlier, consider restricting access to the SMTP server to minimize the risk of exploitation until a patch is available. As a temporary workaround, limiting the length of the HELO command could help mitigate the issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.