Intrusion Prevention



This indicates an attempt to exploit a buffer overflow vulnerability in Floosietek FTGate.
The vulnerability can be exploited by sending a specially crafted HTTP POST request with an overly large " tzoffset" parameter. As a result a remote attacker could cause the server to crash or execute arbitrary code with the privileges of the server.

Affected Products

FTGate 4 Groupware Mail version 4.4 (4.4.000) and prior.


System compromise: renote code execution.
Denial of service.

Recommended Actions

Upgrade to FTGate 4 Groupware Mail version 4.4.005 :

CVE References