[Snort-sigs] Documentation: SID 293

Steven Alexander alexander.s at ...1565...
Fri Jun 20 09:07:31 EDT 2003


Rule:  

IMAP EXPLOIT overflow  

--
Sid: 293

--
Summary: 

This is an attempt to exploit a buffer overflow in the IMAP service

--
Impact:  
An attacker can gain remote root access.

--
Detailed Information:
  
The signature looks for a piece of shellcode (executable code) used to
exploit an known vulnerability in the IMAP service.

--
Affected Systems:
unknown

--
Attack Scenarios:

The attack is done remotely and gains privileged remote access.
--
Ease of Attack:

Simple.  An exploit is readily available.

--
False Positives:

None known.
--
False Negatives:

None known.
--
Corrective Action:

Install the available security patches from your vendor.
--
Contributors:
Rule Documentation - Steven Alexander<alexander.s at ...1565...>
-- 
Additional References:







More information about the Snort-sigs mailing list