cve/CVE-2007-5466.md at 4edef1e4c8c71572b001933b68c0e9d801ec9035

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-11-28 18:48:49 +00:00

0xMarcio 49bdc782b3 Update Sun May 26 14:27:04 CEST 2024

2024-05-26 14:27:05 +02:00

Description

Multiple buffer overflows in eXtremail 2.1.1 and earlier allow remote attackers to (1) have an unknown impact by sending multiple long strings to the IMAP port (143/tcp); (2) execute arbitrary code via a long string in an IMAP AUTHENTICATE PLAIN action, involving the ifParseAuthPlain function; (3) execute arbitrary code via a long LOGIN command to the admin interface port (4501/tcp); or (4) execute arbitrary code via a long string in an IMAP AUTHENTICATE LOGIN (aka CRAM-MD5 authentication) action, involving the ifProcImapAuth1 function.

POC

Reference

http://www.digit-labs.org/files/exploits/extremail-v8.pl
https://www.exploit-db.com/exploits/4533
https://www.exploit-db.com/exploits/4534
https://www.exploit-db.com/exploits/4535

Github

No PoCs found on GitHub currently.

1.1 KiB Raw Blame History

CVE-2007-5466

Description

POC

Reference

Github

1.1 KiB

Raw Blame History