Netwin Dmailweb Server utoken Buffer Overflow Vulnerability
BID:1171
Info
Netwin Dmailweb Server utoken Buffer Overflow Vulnerability
| Bugtraq ID: | 1171 |
| Class: | Boundary Condition Error |
| CVE: |
CVE-2000-0422 |
| Remote: | Yes |
| Local: | Yes |
| Published: | May 04 2000 12:00AM |
| Updated: | Jul 11 2009 01:56AM |
| Credit: | Posted to Bugtraq on May 4, 2000 by Cerberus Information Security Advisory <http://www.cerberus-infosec.co.uk>. |
| Vulnerable: |
NetWin DMail 2.5 d |
| Not Vulnerable: | |
Discussion
Netwin Dmailweb Server utoken Buffer Overflow Vulnerability
Dmailweb is an application that provides access to a user's email server over the web via any standard browser. By providing a specially-crafted, abnormally long "utoken" variable value it is possible to exploit an uinchecked buffer and run arbitrary code on the Dmailweb server.
Dmailweb is an application that provides access to a user's email server over the web via any standard browser. By providing a specially-crafted, abnormally long "utoken" variable value it is possible to exploit an uinchecked buffer and run arbitrary code on the Dmailweb server.
References
Netwin Dmailweb Server utoken Buffer Overflow Vulnerability
References:
References:
- NetWin Homepage (NetWin Limited)