BugTraq
Back to list
|
Post reply
Re: Multiple Buffer Overflow Vulnerabilities Found in CMailServer 4.0
May 12 2003 11:02PM
millhouse dsns net
In-Reply-To: <000a01c316d1$a7b15ae0$1601a8c0@pc1441>
Hi, i found a buffer overflow in CMailServer 4.0 a few weeks ago that
already had been discovered in CMailServer 3.3 in May 2002. It seems that
this bug has not been fixed in the current version. The buffer overflow is
in the USER command makes it possible to overwrite the EIP. The problem is
that every capital letter in the buffer that could given with the overflow
is converted to small letters, so its impossible for me to write a working
exploit that executes code.
E:\>telnet localhost 110
+OK CMailServer 4.0 POP3 Service Ready
USER "A"x524
millhouse, www.dsns.net
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
Hi, i found a buffer overflow in CMailServer 4.0 a few weeks ago that
already had been discovered in CMailServer 3.3 in May 2002. It seems that
this bug has not been fixed in the current version. The buffer overflow is
in the USER command makes it possible to overwrite the EIP. The problem is
that every capital letter in the buffer that could given with the overflow
is converted to small letters, so its impossible for me to write a working
exploit that executes code.
E:\>telnet localhost 110
+OK CMailServer 4.0 POP3 Service Ready
USER "A"x524
millhouse, www.dsns.net
[ reply ]