[prev in list] [next in list] [prev in thread] [next in thread] 

List:       bugtraq
Subject:    Gaucho v1.4 Build 145 Buffer Overflow
From:       "Jérôme" ATHIAS <jerome.athias () caramail ! com>
Date:       2004-08-26 22:07:24
Message-ID: 20040826220724.24900.qmail () www ! securityfocus ! com
[Download RAW message or body]



Gaucho version 1.4 Build 145 is vulnerable to a buffer overflow when receiving \
malformed emails from a POP3 server. This vulnerability is triggered if Gaucho \
receives from the POP3 server, a specially crafted email that has an abnormally long \
string in the Content-Type field of the email header. This string will overwrite EIP \
via SEH, and can be exploited to execute arbitrary code.

Details and PoC:
http://www.security.org.sg/vuln/gaucho140.html


[prev in list] [next in list] [prev in thread] [next in thread] 

Configure | About | News | Add a list | Sponsored by KoreLogic