YahooPOPS! Multiple Remote Buffer Overflow Vulnerabilities

A proof of concept exploit was provided. Examples sufficient to demonstrate the vulnerability have also been provided:

For the POP3 service:
Telnet localhost 110
+OK POP3 YahooPOPs! Proxy ready

For the SMTP service:
Telnet localhost 25
220 YahooPOPs! Simple Mail Transfer Service Ready
[504xA] [BBBB]

Nima Majidi <>, "class 101" <>, Diabolic Crab <>, and varun uppal <> have all provided exploit examples.

y0 <> has created an exploit for the Metasploit framework (


Privacy Statement
Copyright 2010, SecurityFocus