McAfee_WebShield_SMTP_Bounce_Message_Format_String_Vulnerability_attack

There exists a format string vulnerability in the SMTP virus scanning software, McAfee WebShield SMTP. The vulnerability is caused due to improper sanitation of non-existent domain names when generating a bounce message. An unauthenticated attacker may leverage the vulnerability to inject and execute arbitrary code in the context of the running service, normally System. In the case of an unsuccessful code execution attack or a denial of service attack, the service will terminate and all the other connections are severed. Note that in both cases, the target SMTP service will be terminated permanently. The service will not resume until the crafted Email message is deleted manually. By default, the crafted Email message is located in the following directory: C:\Program Files\Network Associates\TVD\WebShield SMTP\Out