Full Disclosure mailing list archives

Re: iDEFENSE Security Advisory 12.06.05: Ipswitch Collaboration Suite SMTP Format String Vulnerability

From: Owen Dhu <0wnj00 () gmail com>
Date: Tue, 13 Dec 2005 10:07:03 -0600

On 12/6/05, labs-no-reply () idefense com <labs-no-reply () idefense com> wrote:

Ipswitch Collaboration Suite SMTP Format String Vulnerability

[...]

Remote exploitation of a format string vulnerability in Ipswitch
IMail allows remote attackers to execute arbitrary code.


Can iDEFENSE (or anyone else) elaborate on this? I have been working with
this for a little while and iMail doesn't seem to be exploitable in this way.

TIA.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

iDEFENSE Security Advisory 12.06.05: Ipswitch Collaboration Suite SMTP Format String Vulnerability labs-no-reply () idefense com (Dec 06)
- Re: iDEFENSE Security Advisory 12.06.05: Ipswitch Collaboration Suite SMTP Format String Vulnerability Owen Dhu (Dec 13)