source: www.securityfocus.com/bid/11989/info
QwikMail (qwik-smtpd) is reported prone to a remotely exploitable buffer overflow vulnerability. The issue is due to insufficient bounds checking of client-supplied SMTP HELO request data.
This issue could theoretically be exploited to execute arbitrary code. Due to the memory layout, it is also reportedly possible to overwrite an adjacent buffer in a manner that will allow a remote attacker to abuse the server as an unauthorized mail relay.
HELO AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA127.0.0.1 |
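
The missing bounds check described above, shown as a hardened HELO parser. This is an added example, not qwik-smtpd source or code from the advisory: `parse_helo`, `struct session`, `HELO_MAX`, the buffer sizes and the adjacent peer-address field are assumptions made for illustration.

```c
/* Added illustration, not qwik-smtpd source: HELO_MAX, struct session and
 * parse_helo() are hypothetical names; the sizes are assumptions. */
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define HELO_MAX 32                 /* assumed destination buffer size */

struct session {
    char helo[HELO_MAX];            /* client-supplied HELO name */
    char client_ip[16];             /* peer address recorded by the server */
};

enum helo_status { HELO_OK, HELO_NOT_HELO, HELO_EMPTY, HELO_TOO_LONG };

/* Store the HELO argument only if it fits, terminator included.
 * A rejected line leaves the session untouched. */
enum helo_status parse_helo(struct session *s, const char *line)
{
    static const char verb[] = "HELO";
    size_t i, len;

    for (i = 0; i < 4; i++)         /* SMTP verbs are case-insensitive */
        if (toupper((unsigned char)line[i]) != verb[i])
            return HELO_NOT_HELO;
    if (line[4] == '\0' || line[4] == '\r' || line[4] == '\n')
        return HELO_EMPTY;
    if (line[4] != ' ')
        return HELO_NOT_HELO;
    line += 5;
    while (*line == ' ')
        line++;
    len = strcspn(line, " \r\n");   /* argument ends at space or CRLF */
    if (len == 0)
        return HELO_EMPTY;
    if (len >= sizeof s->helo)      /* bound is the buffer, not the protocol limit */
        return HELO_TOO_LONG;
    memcpy(s->helo, line, len);
    s->helo[len] = '\0';
    return HELO_OK;
}

int main(void)
{
    struct session s = { "", "203.0.113.7" };   /* constructed peer address */
    int rc = parse_helo(&s, "HELO AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA127.0.0.1\r\n");
    printf("status=%d client_ip=%s\n", rc, s.client_ip);
    return 0;
}
```

The length test is made against the destination buffer rather than the SMTP domain-length limit, so the request shown above is refused and the server-recorded peer address stays as the server set it.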