'; echo 'Hillstone Networks'; } elseif ($_SERVER[HTTP_HOST] == "www.huaantech.com.cn") { echo ''; echo 'huaantech'; } elseif ($_SERVER[HTTP_HOST] == "www.dcnetworks.com.cn") { echo ''; echo 'dcnetworks'; } elseif ($_SERVER[HTTP_HOST] == "www.w-ibeda.com") { if (false===strpos($_SERVER[REQUEST_URI],"/en/")) echo ''; else echo ''; echo 'w-ibeda'; } elseif ($_SERVER[HTTP_HOST] == "www.hp-telecom.com") { echo ''; echo 'hp-telecom'; } else{ echo ''; echo 'Hillstone Networks'; } ?>
 
   
 

POP3 Attack (Attack ID:400014)

Release Date:2009-09-27

Attack Name:CAPA overflow attempt

OS Type:Window Linux Unix Others

Application Type

Severity:Critical

BUG ID

CVE ID

 

Description

This event is generated when an attempt is made to exploit a buffer overflow condition in the Post Office Protocol (POP) command CAPA.

Impact:
Possible remote execution of arbitrary code leading to a remote root compromise.

Additional References:
http://www.zvon.org/tmRFC/RFC2449/Output/chapter5.html
http://www.ntmail.co.uk/kb.htm?q=981
http://www.zvon.org/tmRFC/RFC2449/Output/chapter6.html

 

Solution

Ensure the system is using an up to date version of the software and has had all vendor supplied patches applied.