Matti Haack wrote:
Some infos from bugtraq:
==========================
Betreff: IpSwitch IMAP Server LOGON stack overflow
Absender: [EMAIL PROTECTED] ([EMAIL PROTECTED])
Datum: 08.06.2005, 00:24
Anh�nge: ipswitch.c, Part.txt
--------------------------
Hello, attached is a proof of concept for the IpSwitch IMAP Server LOGON stack
overflow
nolimit
I know this code works... I got nailed last night... IMAP is now turned
off... I can't seem to get the code to compile. I'm not a programmer.
I do have Visual Studio .Net installed, but could really use some help
compiling. Or if someone smarter than me could compile it, and send it
to me, that would be great.
According to the source code, the remote shell should not be returned to
the exploiter unless the server is running SP1 or lower. Can anyone
confirm/deny this? I don't see any evidence of malicious behavior, but
I'd like to test this code and see if it will return a shell to me.
Thanks,
Russ
---
[This E-mail scanned for viruses by Declude Virus]
To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html
List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/
Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
