[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] iDEFENSE Security Advisory 12.06.05: Ipswitch Collaboration Suite SMTP Format String Vulnerability

To: bugtraq@xxxxxxxxxxxxxxxxx, vulnwatch@xxxxxxxxxxxxx, full-disclosure@xxxxxxxxxxxxxxxxx
Subject: Re: [Full-disclosure] iDEFENSE Security Advisory 12.06.05: Ipswitch Collaboration Suite SMTP Format String Vulnerability
From: Owen Dhu <0wnj00@xxxxxxxxx>
Date: Tue, 13 Dec 2005 10:07:03 -0600

On 12/6/05, labs-no-reply@xxxxxxxxxxxx <labs-no-reply@xxxxxxxxxxxx> wrote:

> Ipswitch Collaboration Suite SMTP Format String Vulnerability
[...]
> Remote exploitation of a format string vulnerability in Ipswitch
> IMail allows remote attackers to execute arbitrary code.

Can iDEFENSE (or anyone else) elaborate on this? I have been working with
this for a little while and iMail doesn't seem to be exploitable in this way.

TIA.

Prev by Date: Re: [Full-disclosure] [EEYEB-20050523] Windows Kernel APC Data-Free Local Privilege Escalation Vulnerability
Next by Date: Bios Information Leakage
Previous by thread: AIX Heap Overflow paper
Next by thread: Bios Information Leakage
Index(es):
- Date
- Thread