See-security Advisory: Format string vulnerability in MailEnable 1.8

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: See-security Advisory: Format string vulnerability in MailEnable 1.8
From: a a <tal@xxxxxxxxxxxxxxxx>
Date: Thu, 17 Mar 2005 17:53:42 +0200
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
Priority: normal

##################################################################
#                                                                               
                                                 #
#                                        See-security Technologies ltd.         
                             #
#                                                                               
                                                 #
#                                         http://www.see-security.com           
                            #
#                                                                               
                                                 #
##################################################################

[-] Product Information
MailEnable Standard Edition provides robust SMTP and POP3 services for Windows 
NT/2000/XP/2003 systems.

[-] Vulnerability Description
MailEnable contains a format string vulnerability in the it handles SMTP 
mailto: requests

[-] Exploit
Proof of concept exploit code is available at 
http://www.hackingdefined.com/exploits/mailenable.tar.gz

[-] Credits
The vulnerability was discovered by Mati Aharoni

Prev by Date: [ GLSA 200503-21 ] Grip: CDDB response overflow
Next by Date: [CLA-2005:937] Conectiva Security Announcement - cyrus-imapd
Previous by thread: [ GLSA 200503-21 ] Grip: CDDB response overflow
Next by thread: [CLA-2005:937] Conectiva Security Announcement - cyrus-imapd
Index(es):
- Date
- Thread