functional security

Register | Login

Home Files News About Contact Add New

Showing 1 - 1 of 1

Files

Zero Day Initiative Advisory 10-128: Posted Jul 16, 2010; Authored by Tipping Point | Site zerodayinitiative.com; Zero Day Initiative Advisory 10-128 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of IPSwitch IMail. Authentication is not required to exploit this vulnerability. The specific flaw exists within SMTPDLL.dll (called by queuemgr.exe). When handling a message queued for remote delivery user supplied data can be used to specify additional format specifiers to a vsprintf call. This can be accomplished by providing a specially crafted -NOTIFY argument to the SMTP "RCPT TO:" argument. Additionally, the destination buffer supplied to vsprintf is a local stack buffer and can also be overflowed with a large -NOTIFY argument. A remote attacker can exploit this vulnerability to execute arbitrary code under the context of the SYSTEM user.; tags | advisory, remote, overflow, arbitrary, local; MD5 | 6925dd6d0ca2b42d7c557b71d25be680; Download | Favorite | Comments (0)

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 46 files
Ubuntu 34 files
the_cyber_nuxbie 27 files
Sony 24 files
Debian 24 files
Gentoo 16 files
HP 15 files
Tipping Point 15 files
Benjamin Kunz Mejri 15 files
3spi0n 13 files

Recent News

Microsoft To Send Users 4 Critical Patches On Valentine's Day: Posted Feb 10, 2012; tags | headline, microsoft, flaw, patch; Link | Favorite | Comments (0)

Malware Devs Embrace Open Source: Posted Feb 10, 2012; tags | headline, malware, trojan; Link | Favorite | Comments (0)

Mobile Security Researchers Warn Of Evolving Android Malware: Posted Feb 10, 2012; tags | headline, malware, phone, google; Link | Favorite | Comments (0)

Security Patches Cost Google $410,000 In Finder's Fees: Posted Feb 10, 2012; tags | headline, flaw, google; Link | Favorite | Comments (0)

Google Wallet PIN Security Cracked In Seconds: Posted Feb 9, 2012; tags | headline, hacker, phone, google; Link | Favorite | Comments (0)

Airport Bomb Twitter Joker In Second Fine Appeal Bid: Posted Feb 9, 2012; tags | headline, government, twitter; Link | Favorite | Comments (0)

Chinese iPhone Maker Foxconn Hacked: Posted Feb 9, 2012; tags | headline, hacker, microsoft, phone, apple; Link | Favorite | Comments (0)

Anonymous Goes After Syria: Posted Feb 9, 2012; tags | headline, government, anonymous, syria; Link | Favorite | Comments (0)

DDoS Now Protestors' Weapon Of Choice: Posted Feb 8, 2012; tags | headline, cybercrime, denial of service; Link | Favorite | Comments (0)

USB Stick Can Be Tracked And Remotely Deleted: Posted Feb 8, 2012; tags | headline, privacy; Link | Favorite | Comments (0)

View More News →

packet storm

© 2012 Packet Storm. All rights reserved.

Site Links: News by Month; News Tags; Files by Month; File Tags; File Directory

About Us: History & Purpose; Contact Information; Terms of Service; Privacy Statement; Copyright Information

Advertising: Become an Advertiser
Hosting By: Rokabear; Global Mirror List