Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

interscan.txt

🗓️ 08 Nov 1999 00:00:00Reported by Dark SpyritType 
packetstorm
 packetstorm🔗 packetstormsecurity.com👁 28 Views

Buffer overflow in VirusWall NT allows arbitrary code execution via long HELO command input.

Code
`Date: Mon, 8 Nov 1999 01:50:26 +1300 (NZDT)  
From: dark spyrit <[email protected]>  
To: [email protected]  
Subject: Interscan VirusWall NT 3.23/3.3 buffer overflow.  
  
  
A buffer overflow exists on the VirusWall smtp gateway - by sending a long  
HELO command you can overflow the buffer and execute arbitrary code.  
  
Example code has been written which will spawn a command prompt on a port  
you specify.  
  
Before you shrug this one off, take a look:  
  
Connected to mail1.microsoft.com.  
Escape character is '^]'.  
220 mail1.microsoft.com InterScan VirusWall NT ESMTP 3.23 (build 9/10/99)  
ready  
at Sun, 07 Nov 1999 03:38:44 -0800 (Pacific Standard Time)  
  
The ironic thing here is, VirusWall was designed to prevent viruses and  
'malicious code'.  
  
Obviously not a lot of thought was taken before laying their trust into  
3rd party 'security' products.  
  
A quick note to the millions out there who would give their right arm to  
compromise microsofts network - sorry, their firewall would prevent the  
payload from spawning a remote shell.. unless of course it was modified to  
stop an existing service to open a port :)  
  
Exploit source and binary is available at http://www.beavuh.org.  
  
Credit to Liraz Siri for bringing this to our attention.  
  
Hi to eEye/w00w00/teso.  
  
dark spyrit  
http://www.beavuh.org - bend over and pray.  
  
  
  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
08 Nov 1999 00:00Current
buffer overflowviruswall ntarbitrary code executionsecurity vulnerabilityremote shell exploit
28