[41689] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: [Full-disclosure] iDEFENSE Security Advisory 12.06.05: Ipswitch Collaboration Suite SMTP Format String Vulnerability

daemon@ATHENA.MIT.EDU (Owen Dhu)
Fri Dec 16 01:29:10 2005

Message-ID: <f54c85b40512130807n7b88a0a8na9935720b5abfa09@mail.gmail.com>
Date: Tue, 13 Dec 2005 10:07:03 -0600
From: Owen Dhu <0wnj00@gmail.com>
To: bugtraq@securityfocus.com, vulnwatch@vulnwatch.org,
        full-disclosure@lists.grok.org.uk
In-Reply-To: <43961957.8040908@idefense.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: 8bit

On 12/6/05, labs-no-reply@idefense.com <labs-no-reply@idefense.com> wrote:

> Ipswitch Collaboration Suite SMTP Format String Vulnerability
[...]
> Remote exploitation of a format string vulnerability in Ipswitch
> IMail allows remote attackers to execute arbitrary code.

Can iDEFENSE (or anyone else) elaborate on this? I have been working with
this for a little while and iMail doesn't seem to be exploitable in this way.

TIA.


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[41689] in bugtraq

Re: [Full-disclosure] iDEFENSE Security Advisory 12.06.05: Ipswitch Collaboration Suite SMTP Format String Vulnerability

daemon@ATHENA.MIT.EDU (Owen Dhu)Fri Dec 16 01:29:10 2005

daemon@ATHENA.MIT.EDU (Owen Dhu)
Fri Dec 16 01:29:10 2005