Exploit Network Associates Webshield SMTP 4.5 - Invalid Outgoing Recipient Field Denial of Service

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
20432
Проверка EDB
  1. Пройдено
Автор
JARI HELENIUS
Тип уязвимости
DOS
Платформа
WINDOWS
CVE
cve-2000-1129
Дата публикации
2000-11-23
Код:
source: https://www.securityfocus.com/bid/1999/info

Network Associates WebShield SMTP is an email virus scanner designed for internet gateways.

In the event that WebShield SMTP receives an outgoing email containing six "%20" followed by any character within the recipient field, the application will crash, resulting in an access violation error upon processing of the email. Restarting WebShield SMTP is required in order to regain normal functionality. It has been unverified as to whether or not arbitrary code can be executed on the target system if specially crafted code is inserted into the buffer. 

recipient@f%20f%20f%20f%20f%20f%20f
 
Источник
www.exploit-db.com

Похожие темы