libspf2.Macro.Expansion.Integer.Underflow
Description
This indicates an attack attempt to exploit an Integer Underflow Vulnerability in Libspf2.
The vulnerability is due to a lack of proper input validation when processing SPF macros. A remote unauthenticated attacker can exploit the vulnerability by sending an email from a domain configured with a crafted SPF record. Successfully exploiting this vulnerability could result in arbitrary code execution under the security context of the embedding application
Affected Products
Libspf2 prior to commit d14abff4b544cfc53a8b5ef54cbc2353866b5081
Impact
System Compromise: Remote attackers can gain control of vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://github.com/shevek/libspf2/commit/d14abff4b544cfc53a8b5ef54cbc2353866b5081
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |