MailMax 'USER' POP3 Command Remote Buffer Overflow Vulnerability
BID:52838
Info
| Bugtraq ID: | 52838 |
| Class: | Boundary Condition Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Apr 02 2012 12:00AM |
| Updated: | Apr 02 2012 12:00AM |
| Credit: | localh0t |
| Vulnerable: | SmartMax Software MailMax 4.6 |
| Not Vulnerable: | |
Discussion
MailMax is prone to a remote stack-based buffer-overflow vulnerability because it fails to perform adequate boundary checks on user-supplied input before copying it to an insufficiently sized memory buffer.
An attacker can exploit this issue to execute arbitrary code within the context of the affected application. Failed exploit attempts will result in a denial-of-service condition.
MailMax 4.6 is affected; other versions may also be vulnerable.
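The missing boundary check described above, shown as a defensive sketch of how a POP3 server can validate the USER argument before copying it (an added example, not MailMax code and not part of the original advisory). The function name `pop3_parse_user`, the error codes and the 40-octet limit (the per-argument maximum in RFC 1939) are assumptions; the size of MailMax's buffer is not given here.

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Assumption: RFC 1939 per-argument maximum; not MailMax's real buffer size. */
#define POP3_ARG_MAX 40

enum user_rc { USER_OK = 0, USER_NOT_USER = -1, USER_EMPTY = -2,
               USER_TOO_LONG = -3, USER_BAD_BYTE = -4, USER_NO_SPACE = -5 };

/* Parse one received line ("USER name\r\n", not necessarily NUL-terminated).
 * Every length check happens BEFORE the copy, so out[] cannot be overrun. */
int pop3_parse_user(const char *line, size_t len, char *out, size_t out_size)
{
    static const char kw[] = "USER ";

    /* Strip the trailing CRLF (or bare LF) from the network line. */
    while (len > 0 && (line[len - 1] == '\n' || line[len - 1] == '\r'))
        len--;
    if (len < 5)
        return USER_NOT_USER;
    for (size_t i = 0; i < 5; i++)      /* POP3 keywords are case-insensitive */
        if (toupper((unsigned char)line[i]) != kw[i])
            return USER_NOT_USER;

    const char *arg = line + 5;
    size_t arg_len = len - 5;
    if (arg_len == 0)            return USER_EMPTY;
    if (arg_len > POP3_ARG_MAX)  return USER_TOO_LONG;  /* protocol limit */
    if (arg_len + 1 > out_size)  return USER_NO_SPACE;  /* caller's buffer */
    for (size_t i = 0; i < arg_len; i++) {
        unsigned char c = (unsigned char)arg[i];
        if (c <= 0x20 || c >= 0x7f)     /* conservative: printable ASCII only */
            return USER_BAD_BYTE;
    }
    memcpy(out, arg, arg_len);          /* bounded by the checks above */
    out[arg_len] = '\0';
    return USER_OK;
}

int main(void)
{
    char name[POP3_ARG_MAX + 1];
    const char sample[] = "USER alice\r\n";   /* constructed sample input */
    int rc = pop3_parse_user(sample, sizeof sample - 1, name, sizeof name);
    printf("rc=%d name=%s\n", rc, rc == USER_OK ? name : "(rejected)");
    return 0;
}
```

Rejected lines should get an `-ERR` reply and be logged; an oversized USER argument is also a useful detection signal on hosts that cannot be patched.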
Exploit / POC
The following exploit code is available:
Solution / Fix
Solution:
Currently we are not aware of any vendor-supplied patches. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].
References
References:
- MailMax Homepage (SmartMax Software)