<<< Date Index >>>     <<< Thread Index >>>

See-security Advisory: Format string vulnerability in MailEnable 1.8



##################################################################
#                                                                               
                                                 #
#                                        See-security Technologies ltd.         
                             #
#                                                                               
                                                 #
#                                         http://www.see-security.com           
                            #
#                                                                               
                                                 #
##################################################################

[-] Product Information
MailEnable Standard Edition provides robust SMTP and POP3 services for Windows 
NT/2000/XP/2003 systems.

[-] Vulnerability Description
MailEnable contains a format string vulnerability in the it handles SMTP 
mailto: requests

[-] Exploit
Proof of concept exploit code is available at 
http://www.hackingdefined.com/exploits/mailenable.tar.gz

[-] Credits
The vulnerability was discovered by Mati Aharoni