[12389] in bugtraq
Avirt Mail Server 3.3a or 3.5 remotely exploitable buffer
daemon@ATHENA.MIT.EDU (Luciano Martins)
Mon Nov 1 16:20:32 1999
Mime-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Message-Id: <NCBBKFKDOLAGKIAPMILPIEHGCAAA.luck@ussrback.com>
Date: Mon, 1 Nov 1999 05:57:34 -0300
Reply-To: Luciano Martins <luck@USSRBACK.COM>
From: Luciano Martins <luck@USSRBACK.COM>
X-To: BUGTRAQ <bugtraq@securityfocus.com>
To: BUGTRAQ@SECURITYFOCUS.COM
Avirt Mail Server 3.3a or 3.5 remotely exploitable buffer overflow
vulnerability
Problem:
We found a remotely exploitable buffer overflow in the Avirt Mail Server
3.3a and a D.o.S
in the version 3.5, (long USER / PASS:) that may allow an attacker to
execute arbitrary code on the target server.
Example:
[hell@mordoc]$ telnet example.com 110 <<<< sorry are port 110
Trying example.com...
Connected to example.com.
Escape character is '^]'.
+OK aVirt Mail POP3 Server Ready
user itsme
+OK
Pass [buffer]
Where [buffer] is aprox. 856 characters. At his point the server overflows
and crashes. Just a typical buffer overflow
Published by: USSRBACK
Luck Martins
To get binary or source code for 3.3a win98 Remote exploit go to
http:www.ussrback.com/avirtro/
To get binary or source code for 3.5 D.o.S go to
http:www.ussrback.com/avirtro/
u n d e r g r o u n d s e c u r i t y s y s t e m s r e s e a r c h
