See-security Advisory: Format string vulnerability in MailEnable 1.8

2005-03-18T00:00:00
ID SECURITYVULNS:DOC:8096
Type securityvulns
Reporter Securityvulns
Modified 2005-03-18T00:00:00

Description

See-security Technologies ltd.

http://www.see-security.com

[-] Product Information MailEnable Standard Edition provides robust SMTP and POP3 services for Windows NT/2000/XP/2003 systems.

[-] Vulnerability Description MailEnable contains a format string vulnerability in the it handles SMTP mailto: requests

[-] Exploit Proof of concept exploit code is available at http://www.hackingdefined.com/exploits/mailenable.tar.gz

[-] Credits The vulnerability was discovered by Mati Aharoni