[12412] in bugtraq

home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Exploit + temp patch for aVirt mail server 3.5.

daemon@ATHENA.MIT.EDU (dark spyrit)
Tue Nov 2 13:44:53 1999

Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-Id:  <Pine.LNX.3.96.991102223619.776A-100000@attica.gen.nz>
Date:         Tue, 2 Nov 1999 23:31:57 +1300
Reply-To: dark spyrit <dspyrit@BEAVUH.ORG>
From: dark spyrit <dspyrit@BEAVUH.ORG>
X-To:         bugtraq@securityfocus.com
To: BUGTRAQ@SECURITYFOCUS.COM

An exploit for Avirt 3.5 (NT) and a temporary patch are available
at http://www.beavuh.org.

The exploit spawns a command prompt on a port you specify and the patch
will prevent this particular overflow.

Credit to USSR for the discovery.

dark spyrit
http://www.beavuh.org.

home	help	back	first	fref	pref	prev	next	nref	lref	last	post