Exploit MailEnable Mail Server HTTPMail 1.x - Remote Heap Overflow

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
24103
Проверка EDB
  1. Пройдено
Автор
BEHRANG FOULADI
Тип уязвимости
DOS
Платформа
WINDOWS
CVE
cve-2004-2727
Дата публикации
2004-05-09
Код:
source: https://www.securityfocus.com/bid/10312/info

MailEnable is a commercially available POP3 and SMTP server for the Windows platform.

The 'Professional' and 'Enterprise' editions of MailEnable are reported to be prone to a remote heap buffer overflow. The overflow allows the attacker to control the EAX and ECX registers, allowing arbitrary code execution as SYSTEM.

All versions up to and including 1.18 are reported to be affected.

If logging is enabled, the request could contain:

GET /{4032 x A} HTTP/1.1

or, without logging:

GET /{8501 x A} HTTP/1.1
 
Источник
www.exploit-db.com

Похожие темы