Cellopoint Secure Email Gateway (SEG)'s authentication daemon feedbackd that handles audit request, has a Buffer Overflow vulnerability. This vulnerability is triggered when a special audit request is sent to the web daemon. Upon receiving the request, the web daemon forwards it to feedbackd, causing it to crash. The web daemon's failure to properly handle the feedbackd crash allows the audit request to bypass the authentication process, enabling attackers to exploit the vulnerability and gain system administrator privileges.
Cellopoint fixed the web daemon’s processing issue and detected the feedbackd crash on July 12, 2024. The remaining Session Cache in the system was removed on August 14, 2024.
Enable "Login IP Control" in your account settings to prevent unauthorized IPs from exploiting this vulnerability.
Versions after and including SEG Build 20240712 have addressed this issue.
Comentarios