`Reply-To: Luciano Martins <[email protected]>
Subject: Avirt Mail Server 3.3a or 3.5 remotely exploitable buffer
overflow vulnerability
X-To: BUGTRAQ <[email protected]>
Avirt Mail Server 3.3a or 3.5 remotely exploitable buffer overflow
vulnerability
Problem:
We found a remotely exploitable buffer overflow in the Avirt Mail Server
3.3a and a D.o.S
in the version 3.5, (long USER / PASS:) that may allow an attacker to
execute arbitrary code on the target server.
Example:
[hell@mordoc]$ telnet example.com 110 <<<< sorry are port 110
Trying example.com...
Connected to example.com.
Escape character is '^]'.
+OK aVirt Mail POP3 Server Ready
user itsme
+OK
Pass [buffer]
Where [buffer] is aprox. 856 characters. At his point the server overflows
and crashes. Just a typical buffer overflow
Published by: USSRBACK
Luck Martins
To get binary or source code for 3.3a win98 Remote exploit go to
http:www.ussrback.com/avirtro/
To get binary or source code for 3.5 D.o.S go to
http:www.ussrback.com/avirtro/
u n d e r g r o u n d s e c u r i t y s y s t e m s r e s e a r c h
`
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation