Vulnerability Details : CVE-2005-1099
Public exploit exists!
Multiple buffer overflows in the HandleChild function in server.c in Greylisting daemon (GLD) 1.3 and 1.4, when GLD is listening on a network interface, allow remote attackers to execute arbitrary code.
Vulnerability category: Execute code
Exploit prediction scoring system (EPSS) score for CVE-2005-1099
Probability of exploitation activity in the next 30 days: 74.52%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 98 % EPSS Score History EPSS FAQ
Metasploit modules for CVE-2005-1099
-
GLD (Greylisting Daemon) Postfix Buffer Overflow
Disclosure Date: 2005-04-12First seen: 2020-04-26exploit/linux/misc/gld_postfixThis module exploits a stack buffer overflow in the Salim Gasmi GLD <= 1.4 greylisting daemon for Postfix. By sending an overly long string the stack can be overwritten. Authors: - aushack <patrick@osisecurity.com.au>
CVSS scores for CVE-2005-1099
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
---|---|---|---|---|---|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST |
References for CVE-2005-1099
-
http://www.gasmi.net/down/gld-history
Vendor Advisory
- http://marc.info/?l=bugtraq&m=111339935903880&w=2
-
http://securitytracker.com/alerts/2005/Apr/1013678.html
Vendor Advisory
-
https://exchange.xforce.ibmcloud.com/vulnerabilities/20066
-
http://security.gentoo.org/glsa/glsa-200504-10.xml
Patch;Vendor Advisory
-
http://marc.info/?l=bugtraq&m=111342432325670&w=2
Products affected by CVE-2005-1099
- cpe:2.3:a:salim_gasmi:gld:1.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:salim_gasmi:gld:1.4:*:*:*:*:*:*:*
- cpe:2.3:a:salim_gasmi:gld:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:salim_gasmi:gld:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:salim_gasmi:gld:1.2:*:*:*:*:*:*:*
- cpe:2.3:a:salim_gasmi:gld:1.3:*:*:*:*:*:*:*