68 matches found
[SECURITY] Fedora 22 Update: opensmtpd-5.7.3p1-1.fc22
OpenSMTPD is a FREE implementation of the server-side SMTP protocol as defi ned by RFC 5321, with some additional standard extensions. It allows ordinary machines to exchange e-mails with other systems speaking the SMTP protocol. Started out of dissatisfaction with other implementations, OpenSMTP...
SMTP-VRFY
This is a simple script to help you enumarate and discover valid email addresses on a smtp server, it uses a python script and a dictionary brute-force based attack. import socket import sys s=socket.socketsocket.AFINET, socket.SOCKSTREAM connect=s.connectsys.argv1,intsys.argv2 s.send'VRFY ' +...
Floosietek FTGate PRO 1.22 SMTP MAIL FROM Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7506/info A buffer overflow vulnerability has been reported for Floosietek FTGate PRO mail server. The vulnerability exists when the mail server attempts to process overly long SMTP 'Mail From' arguments. Due to the natur...
Youngzsoft CMailServer 4.0 RCPT TO Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/7548/info A buffer overflow vulnerability has been reported for CMailServer. The vulnerability exists due to insufficient bounds checking when parsing e-mail headers. Specifically, an overly long RCPT TO e-mail header wil...
cURL Buffer Overflow
cURL buffer overflow Wed 06 February 2013 Volema found remotely exploitable buffer overflow vulnerability in libcurl POP3, SMTP protocol handlers which lead to code execution RCE. When negotiating SASL DIGEST-MD5 authentication, the function Curlsaslcreatedigestmd5message uses the data provided...
cURL Buffer Overflow Vulnerability
A remotely exploitable buffer overflow vulnerability was discovered in the libcurl POP3 and SMTP protocol handlers. Proper exploitation can allow for arbitrary code execution. cURL buffer overflow Wed 06 February 2013 Volema found remotely exploitable buffer overflow vulnerability in libcurl POP3...
CVE-2012-0036
curl and libcurl 7.2x before 7.24.0 do not properly consider special characters during extraction of a pathname from a URL, which allows remote attackers to conduct data-injection attacks via a crafted URL, as demonstrated by a CRLF injection attack on the 1 IMAP, 2 POP3, or 3 SMTP protocol...
CVE-2012-0036
curl and libcurl 7.2x before 7.24.0 do not properly consider special characters during extraction of a pathname from a URL, which allows remote attackers to conduct data-injection attacks via a crafted URL, as demonstrated by a CRLF injection attack on the 1 IMAP, 2 POP3, or 3 SMTP protocol...
postfix -- plaintext command injection with SMTP over TLS
Wietse Venema has discovered a software flaw that allows an attacker to inject client commands into an SMTP session during the unprotected plaintext SMTP protocol phase, such that the server will execute those commands during the SMTP- over-TLS protocol phase when all communication is supposed to...
Security Best Practice: Protect Yourself from Multiple SMTP Vulnerabilities
Simple Mail Transfer Protocol SMTP is an Internet standard for electronic mail e-mail transmission across Internet Protocol IP networks. SMTP is specified for outgoing mail transport and uses TCP port 25. There are several serious security limitations with the SMTP protocol that allow malicious...
The use of injection techniques to attack the mail server and defenses(a)-vulnerability warning-the black bar safety net
This article will detail through the talk to mail server communication of a Web application, i.e., the webmail application to inject some mail protocolsIMAP and SMTP Protocolcommands to attack a mail server of the principles, methods and defenses. A Webmail application role Webmail app through IM...
[SVRT-04-08] Vulnerability in WireShark 1.0.4 for DoS Attack
Vulnerability in WireShark 1.0.4 for DoS Attack 1. General Information On Nov 2008, Security Vulnerability Research Team of Bkis SVRT-Bkis has detected a vulnerability underlying WireShark 1.0.4 lastest version. The flaw is in the function processing SMTP protocol and enables hacker to perform a...
Winmail Mail Server 2.3 Remote Format String Exploit
No description provided by source. / Magic Winmail Server 2.3Build 0402 Remote Format string exploit. Coded by ThreaT. This one take advantage of a format bug in the SMTP protocol not pop3 for execute a malicious command on a vulnerable system usage : mwmxploit Target IP command to execute remote...
Microsoft Exchange Server SMTP protocol buffer overflow
Heap overflow on extended SMTP commands...
ZoneAlarm buffer overflow
Buffer overflow on oversized RCPT TO: in SMTP...
Mailtraq 2.1.0.1302 - Remote Format String SMTP Resource Consumption
Mailtraq 2.1.0.1302 - Remote Format String SMTP Resource Consumption source: https://www.securityfocus.com/bid/7926/info It has been reported that Mailtraq does not reliably handle format strings in some SMTP protocol fields. This may cause a system to become unstable and crash, allowing a remote...
Mailtraq 2.1.0.1302 - Remote Format String SMTP Resource Consumption
source: https://www.securityfocus.com/bid/7926/info It has been reported that Mailtraq does not reliably handle format strings in some SMTP protocol fields. This may cause a system to become unstable and crash, allowing a remote attacker to deny service to the system. @@%s%p%n %s%p%n...
Winmail Mail Server 2.3 Build 0402 - Remote Format String
Winmail Mail Server 2.3 Build 0402 - Remote Format String / Magic Winmail Server 2.3Build 0402 Remote Format string exploit. Coded by ThreaT. This one take advantage of a format bug in the SMTP protocol smtp port + The command to execute cannot exceed 90 characters + compile : cl.exe mwmxploit.c ...
Winmail Mail Server 2.3 Remote Format String Exploit
Exploit for unknown platform in category remote exploits ==================================================== Winmail Mail Server 2.3 Remote Format String Exploit ==================================================== / Magic Winmail Server 2.3Build 0402 Remote Format string exploit. Coded by Threa...
Winmail Mail Server 2.3 Build 0402 - Remote Format String
/ Magic Winmail Server 2.3Build 0402 Remote Format string exploit. Coded by ThreaT. This one take advantage of a format bug in the SMTP protocol smtp port + The command to execute cannot exceed 90 characters + compile : cl.exe mwmxploit.c /w / include include pragma comment lib,"wsock32.lib" void...