NetcPlus SmartServer3 3.5.1 - POP Buffer Overflow

EDB-ID:

19617

CVE:



Author:

Ussr Labs

Type:

remote


Platform:

Windows

Date:

1999-11-11


source: https://www.securityfocus.com/bid/790/info

The POP server that is part of the NetcPlus SmartServer3 email server has an unchecked buffer that could allow an attacker to execute code on the server. If the USER command is followed by an argument of over 800 characters, the input buffer will be overflowed, and data from the argument will be passed to the system to be executed at the privelege level of the SmartServer program. 

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/19617.zip