SurgeMail 3.0 - Real CGI executables Remote Buffer Overflow Vulnerability

2008-02-25T00:00:00
ID EDB-ID:31301
Type exploitdb
Reporter Luigi Auriemma
Modified 2008-02-25T00:00:00

Description

SurgeMail 3.0 Real CGI executables Remote Buffer Overflow Vulnerability. CVE-2008-1054 . Dos exploit for windows platform

                                        
                                            source: http://www.securityfocus.com/bid/27992/info

SurgeMail is prone to a remote buffer-overflow vulnerability because it fails to properly bounds-check user-supplied input.

Successfully exploiting this issue allows remote attackers to execute arbitrary machine code in the context of the affected service. Failed exploit attempts likely result in denial-of-service conditions.

SurgeMail 38k4 and prior versions are vulnerable. 

https://github.com/offensive-security/exploit-database-bin-sploits/raw/master/sploits/31301.zip