[原文]Format string vulnerability in the SMTP server for McAfee WebShield 4.5 MR2 and earlier allows remote attackers to execute arbitrary code via format strings in the domain name portion of a destination address, which are not properly handled when a bounce message is constructed.
McAfee WebShield SMTP Bounce Message Format String
Remote / Network Access,
Local / Remote,
Loss of Integrity
WebShield SMTP contains a flaw that may allow a malicious user to execute arbitrary code. The issue is triggered due to a format string error within the construction of bounce messages for non-existent domains. It is possible that the flaw may allow remote code execution resulting in a loss of integrity.
Upgrade to version 4.5 MR2 or higher, as it has been reported to fix this vulnerability. In addition, the vendor has released a patch for some older versions.
McAfee WebShield SMTP is susceptible to a remote format-string vulnerability. This issue is due to the application's failure to properly sanitize user-supplied input before including it in a format-specifier argument to a formatted-printing function.
This issue allows remote attackers to execute arbitrary machine code in the context of the affected application.
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: firstname.lastname@example.org
The vendor has released a patch (P0803), along with version 4.5 MR2 to address this issue. Users of affected packages should contact the vendor for information on obtaining fixes.