VULHUB ™

Sec-1 has identified an exploitable Buffer Overflow within the HTTP management interface of GFI MailSecurity 8.1. By sending large strings within several areas of the HTTP request (such as a large 'Host' or 'Accept' header) critical portions of memory are overwritten. Verification of this vulnerability can be achieved through the use of a HTTP fuzzer, such as @stake webproxy. Successful exploitation could allow an attacker to gain administrative control of the targeted host.

Sec-1 has identified an exploitable Buffer Overflow within the HTTP management interface of GFI MailSecurity 8.1. By sending large strings within several areas of the HTTP request (such as a large 'Host' or 'Accept' header) critical portions of memory are overwritten. Verification of this vulnerability can be achieved through the use of a HTTP fuzzer, such as @stake webproxy. Successful exploitation could allow an attacker to gain administrative control of the targeted host.