Grade per Mail reinbekommen:
TITLE:
The Bat! Email Subject Header Buffer Overflow Vulnerability
SECUNIA ADVISORY ID:
SA18989
VERIFY ADVISORY:
http://secunia.com/advisories/18989/
CRITICAL:
Highly critical
IMPACT:
System access
WHERE:
>From remote
SOFTWARE:
The Bat! 3.x
http://secunia.com/product/7150/
DESCRIPTION:
Nemesis Security Audit Group has discovered a vulnerability in The
Bat!, which potentially can be exploited by malicious people to
compromise a user's system.
The vulnerability is caused due to a boundary error within the
parsing of the email subject header. This can be exploited to cause a
unicode stack-based buffer overflow via a specially-crafted email
message with an overly long subject.
The vulnerability has been confirmed in version 3.60.07. Other
versions may also be affected.
SOLUTION:
Update to version 3.71.03.
http://www.ritlabs.com/en/products/thebat/download.php
PROVIDED AND/OR DISCOVERED BY:
Nemesis Security Audit Group
ORIGINAL ADVISORY:
http://www.nsag.ru/vuln/953.html
----------------------------------------------------------------------
show_config
-------
"Aber es gibt ja kRaSSe SuppOrtEr die MeinEn Alter, dass Sie KrAss MOd sind UnD feTT in Der SchOOl ruLLoern WeiL isch KRaSS der MOD bin - unD wEnn dEin PosTcoUnt sUcKt, alDer, dAnn hAlTs Maul, k?" - Verständliche und klar formulierte Aussage eines Hip-Hoppers