Bugtraq mailing list archives
Vulnerability in CMail SMTP Server Version 2.4: Remotely exploitable buffer
From: luck () USSRBACK COM (Luciano Martins)
Date: Thu, 29 Jul 1999 07:27:45 -0300
We found a buffer overflow in the CMail SMTP service (long MAIL FROM:) that may allow an attacker to execute arbitrary code on the target server, it is based on the eEye pointed out overflows in cmail 2.3 >:-] Which was never fixed... software vendors still not taking security issues seriously. Example: [[cham@guilt cham]$ telnet example.com 25 Trying example.com... Connected to example.com. Escape character is '^]'. 220 SMTP services ready. Computalynx CMail Server Version: 2.4 helo ussr 250 Hello ussr [yourip], how are you today? MAIL FROM: cmail <[buffer]@cmaildotcom.com> Where [buffer] is aprox. 7090 characters. At his point the server overflows and crashes. Just a typical buffer overflow that should have been fixed in version 2.3 when it was pointed out to them. Luck Martins u n d e r g r o u n d s e c u r i t y s y s t e m s r e s e a r c h WWW.USSRBACK.COM
Current thread:
- Re: Fix for ssh-1.2.27 symlink/bind problem, (continued)
- Re: Fix for ssh-1.2.27 symlink/bind problem Scott Gifford (Oct 04)
- SCO UnixWare 7.1 local root exploit Brock Tellier (Oct 05)
- Re: Fix for ssh-1.2.27 symlink/bind problem Casper Dik (Oct 06)
- Re: Fix for ssh-1.2.27 symlink/bind problem Phillip Vandry (Oct 06)
- Re: Fix for ssh-1.2.27 symlink/bind problem Wietse Venema (Oct 06)
- Re: Fix for ssh-1.2.27 symlink/bind problem Markus Friedl (Oct 25)
- Re: Fix for ssh-1.2.27 symlink/bind problem Wietse Venema (Oct 25)
- Re: Fix for ssh-1.2.27 symlink/bind problem Markus Friedl (Oct 26)
- Re: Fix for ssh-1.2.27 symlink/bind problem Wietse Venema (Oct 27)
- ExpressFS 2.x FTPServer remotely exploitable buffer overflow vulnerability Luciano Martins (Jul 29)
- Vulnerability in CMail SMTP Server Version 2.4: Remotely exploitable buffer Luciano Martins (Jul 29)
- AW: Mac OS 9 Idle Lock Bug Flothow, Sebastian (Oct 29)
- Re: Fix for ssh-1.2.27 symlink/bind problem Casper Dik (Oct 29)
- DoS attack for ircd's by oversized PTR record Goblin (Oct 29)
- Re: Fix for ssh-1.2.27 symlink/bind problem Eivind Eklund (Oct 29)
- URL Live! 1.0 WebServer UNYUN (Oct 28)
- Re: Fix for ssh-1.2.27 symlink/bind problem Markus Friedl (Oct 26)
- Re: Fix for ssh-1.2.27 symlink/bind problem Wietse Venema (Oct 26)
- Re: Fix for ssh-1.2.27 symlink/bind problem Scott Gifford (Oct 04)
- Falcon Web Server Advisory (Oct 26)