80 matches found
EUVD-2004-0332
Malware in sbrugna...
EUVD-2007-2182
Malware in sbrugna...
EUVD-2006-6909
Malware in sbrugna...
EUVD-2001-1059
Malware in sbrugna...
EUVD-2007-2183
Malware in sbrugna...
CVE-2006-6926
Buffer overflow in eXtremail 2.1 has unknown impact and attack vectors, as demonstrated by VulnDisco Pack. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information...
eXtremail <= 2.1.1 memmove() Remote Denial of Service Exploit
No description provided by source. !/usr/bin/perl extremail-v3.pl Copyright c 2006 by [email protected] eXtremail =2.1.1 remote root POC x86-lnx by mu-b - Fri Oct 06 2006 Tested on: eXtremail 2.1.1 lnx eXtremail 2.1.0 lnx - Private Source Code -DO NOT DISTRIBUTE - http://www.digit-labs.org/ --...
eXtremail 1.x/2.1 - Remote Format String Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/2908/info eXtremail is a freeware SMTP server available for Linux and AIX. eXtremail contains a format-string vulnerability in its logging mechanism. Attackers can send SMTP commands argumented with maliciously constructe...
eXtremail 1.x/2.1 - Remote Format String Vulnerability (3)
No description provided by source. source: http://www.securityfocus.com/bid/2908/info eXtremail is a freeware SMTP server available for Linux and AIX. eXtremail contains a format-string vulnerability in its logging mechanism. Attackers can send SMTP commands argumented with maliciously constructe...
eXtremail <= 2.1.1 (LOGIN) Remote Stack Overflow Exploit
No description provided by source. / extremail-v4.c Copyright c 2006 by [email protected] eXtremail =2.1.1 remote root exploit x86-lnx by mu-b - Sun Oct 08 2006 - Tested on: eXtremail 2.1.1 lnx Overflow in LOGIN command of admin interface. - Private Source Code -DO NOT DISTRIBUTE -...
eXtremail <= 2.1.1 DNS Parsing Bugs Remote Exploit PoC
No description provided by source. / extremail-v9.c Copyright c 2007 by [email protected] eXtremail 2.1.1 remote root POC x86-lnx by mu-b - Tue Feb 6 2007 - Tested on: eXtremail 2.1.0 lnx eXtremail 2.1.1 lnx POC for DNS parsing bugs... This program is free software; you can redistribute it and/...
eXtremail <= 2.1.1 - Remote Heap Overflow PoC
No description provided by source. !/usr/bin/perl extremail-v8.pl Copyright c 2007 by [email protected] eXtremail =2.1.1 remote PoC by mu-b - Wed Jan 31 2007 Tested on: eXtremail 2.1.1 lnx eXtremail 2.1.0 lnx - Private Source Code -DO NOT DISTRIBUTE - http://www.digit-labs.org/ -- Digit-Labs...
eXtremail 1.x/2.1 - Remote Format String Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/2908/info eXtremail is a freeware SMTP server available for Linux and AIX. eXtremail contains a format-string vulnerability in its logging mechanism. Attackers can send SMTP commands argumented with maliciously constructe...
eXtremail <= 2.1.1 PLAIN authentication Remote Stack Overflow Exploit
No description provided by source. / extremail-v6.c Copyright c 2006 by [email protected] eXtremail =2.1.1 remote root exploit x86-lnx by mu-b - Wed Oct 18 2006 - Tested on: eXtremail 2.1.1 lnx eXtremail 2.1.0 lnx Stack overflow in ifParseAuthPlain - Private Source Code -DO NOT DISTRIBUTE -...
eXtremail多个远程溢出漏洞
eXtremail是一个pop3/smtpd邮件服务软件,可以运行在Linux和AIX系统下。 eXtremail在验证memmove的长度参数时存在整数下溢漏洞,管理接口和PLAIN认证中存在栈溢出漏洞,CRAM-MD5认证和recv循环中存在堆溢出漏洞。如果远程攻击者向邮件服务台发布的畸形请求的话,就可以触发这些溢出,导致拒绝服务或执行任意代码。 eXtremail eXtremail http://www.extremail.com/ http://www.digit-labs.org/files/exploits/extremail-v3.pl ...
eXtremail <= 2.1.1 PLAIN authentication Remote Stack Overflow Exploit
Exploit for linux platform in category remote exploits ===================================================================== eXtremail eXtremail include include include include include define BUFSIZE 2048 define BBUFSIZE BUFSIZE/34+1 define NOP 0x41 define AUTHCMD "1 AUTHENTICATE PLAIN\n" define...
Integer overflow
Integer overflow in eXtremail 2.1.1 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long USER command containing "%s" sequences to the pop3 port 110/tcp, which are expanded to "%%s" before being used in the memmove function, possibly du...
CVE-2007-5467
Integer overflow in eXtremail 2.1.1 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long USER command containing "%s" sequences to the pop3 port 110/tcp, which are expanded to "%%s" before being used in the memmove function, possibly du...
CVE-2007-5466
Multiple buffer overflows in eXtremail 2.1.1 and earlier allow remote attackers to 1 have an unknown impact by sending multiple long strings to the IMAP port 143/tcp; 2 execute arbitrary code via a long string in an IMAP AUTHENTICATE PLAIN action, involving the ifParseAuthPlain function; 3 execut...
Buffer overflow
Multiple buffer overflows in eXtremail 2.1.1 and earlier allow remote attackers to 1 have an unknown impact by sending multiple long strings to the IMAP port 143/tcp; 2 execute arbitrary code via a long string in an IMAP AUTHENTICATE PLAIN action, involving the ifParseAuthPlain function; 3 execut...