PT-2004-3412 · Gattaca · Gattaca Server 2003

Published

2004-12-31

Updated

2017-07-11

CVE-2004-2520

CVSS v2.0

4.0

Medium

Vector

AV:N/AC:L/Au:S/C:N/I:N/A:P

Name of the Vulnerable Software and Affected Versions Gattaca Server 2003 version 1.1.10.0

Description The issue allows remote authenticated users to cause a denial of service, resulting in an application crash. This can be achieved by sending a large numeric value in the LIST, RETR, or UIDL commands via the POP3 protocol.

Recommendations For Gattaca Server 2003 version 1.1.10.0, consider restricting access to the POP3 protocol until a fix is available, or limit the input values for the LIST, RETR, and UIDL commands to prevent large numeric values from being processed.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2004-2520

Affected Products

Gattaca Server 2003

PT-2004-3412 · Gattaca · Gattaca Server 2003

CVE-2004-2520

Related Identifiers

Affected Products

References · 9