| Short Name | HTTP:REQERR:BIN-DATA-AUTH |
| Severity | Major |
| Recommended | No |
| Recommended Action | Drop |
| Category | HTTP |
| Keywords | Binary Data in Authorization Request |
| Release Date | 2005/05/04 |
| Update Number | 1213 |
| Supported Platforms | di-5.3+, idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
HTTP: Binary Data in Authorization Request
This signature detects attempts to pass binary data within an authorization request. Some web servers, such as MailEnable, are vulnerable.
Extended Description
MailEnable is prone to a remotely exploitable buffer overflow vulnerability. This issue occurs in the server's HTTP Header Field Definitions.
This condition may be leveraged to overwrite sensitive program control variables, allowing a remote attacker to control execution flow of the server process.
Affected Products
- Mailenable mailenable_enterprise_edition 1.0.0
- Mailenable mailenable_enterprise_edition 1.0.0 1
- Mailenable mailenable_enterprise_edition 1.0.0 2
- Mailenable mailenable_enterprise_edition 1.0.0 3
- Mailenable mailenable_enterprise_edition 1.0.0 4
- Mailenable mailenable_professional 1.0.0 004
- Mailenable mailenable_professional 1.0.0 005
- Mailenable mailenable_professional 1.0.0 006
- Mailenable mailenable_professional 1.0.0 007
- Mailenable mailenable_professional 1.0.0 008
- Mailenable mailenable_professional 1.0.0 009
- Mailenable mailenable_professional 1.0.0 010
- Mailenable mailenable_professional 1.0.0 011
- Mailenable mailenable_professional 1.0.0 012
- Mailenable mailenable_professional 1.0.0 013
- Mailenable mailenable_professional 1.0.0 014
- Mailenable mailenable_professional 1.0.0 015
- Mailenable mailenable_professional 1.0.0 016
- Mailenable mailenable_professional 1.0.0 017
- Mailenable mailenable_professional 1.1.0
- Mailenable mailenable_professional 1.101.0
- Mailenable mailenable_professional 1.102.0
- Mailenable mailenable_professional 1.103.0
- Mailenable mailenable_professional 1.104.0
- Mailenable mailenable_professional 1.105.0
- Mailenable mailenable_professional 1.106.0
- Mailenable mailenable_professional 1.107.0
- Mailenable mailenable_professional 1.108.0
- Mailenable mailenable_professional 1.109.0
- Mailenable mailenable_professional 1.110.0
- Mailenable mailenable_professional 1.111.0
- Mailenable mailenable_professional 1.112.0
- Mailenable mailenable_professional 1.113.0
- Mailenable mailenable_professional 1.114.0
- Mailenable mailenable_professional 1.115.0
- Mailenable mailenable_professional 1.116.0
- Mailenable mailenable_professional 1.12.0
- Mailenable mailenable_professional 1.13.0
- Mailenable mailenable_professional 1.14.0
- Mailenable mailenable_professional 1.15.0
- Mailenable mailenable_professional 1.16.0
- Mailenable mailenable_professional 1.17.0
- Mailenable mailenable_professional 1.18.0
- Mailenable mailenable_professional 1.19.0
- Mailenable mailenable_professional 1.2.0
- Mailenable mailenable_professional 1.2.0 A
- Mailenable mailenable_professional 1.5.0
- Mailenable mailenable_professional 1.51.0
- Mailenable mailenable_professional 1.52.0
- Mailenable mailenable_professional 1.53.0
- Mailenable mailenable_professional 1.54.0
References