Archive : 1999 : november : avirt - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku

Avirt Mail Server 3.3a or 3.5 remotely exploitable buffer overflow vulnerability




=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-


    Date: Пн, 01 ноя 1999  11:03:10

   От: Luciano Martins 

 Кому: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM

 Тема: Avirt Mail Server 3.3a or 3.5 remotely exploitable buffer overflow vulnerability

--------------------------------------------------------------------------------




Avirt Mail Server 3.3a or 3.5 remotely exploitable buffer overflow

vulnerability



Problem:



We found a remotely exploitable buffer overflow in the Avirt Mail Server

3.3a and a D.o.S

in the version 3.5, (long USER / PASS:) that may allow an attacker to

execute arbitrary code on the target server.

Example:





[cham@guilt cham]$ telnet example.com 25

Trying example.com...

Connected to example.com.

Escape character is '^]'.

+OK aVirt Mail POP3 Server Ready

user itsme

+OK

Pass [buffer]





Where [buffer] is aprox. 856 characters. At his point the server overflows

and crashes. Just a typical buffer overflow





Published by: USSRBACK



Luck Martins



To get binary or source code for 3.3a win98 Remote exploit go to

http:www.ussrback.com/avirtro/

To get binary or source code for 3.5 D.o.S go to

http:www.ussrback.com/avirtro/



u n d e r g r o u n d  s e c u r i t y  s y s t e m s  r e s e a r c h

www.USSRBACK.COM