vendor: SmartServer3
by: SecurityFocus
CVSS: 7.5 HIGH
Buffer Overflow
CWE: 119
Product Name: SmartServer3
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2002
NetcPlus SmartServer3 POP Server Buffer Overflow Vulnerability
The POP server that ships with the NetcPlus SmartServer3 email server has an unchecked buffer that could allow an attacker to execute code on the server. If the USER command is followed by an argument of over 800 characters, the input buffer overflows, and data from the argument is passed to the system to be executed at the privilege level of the SmartServer program.
Mitigation:
Ensure that the POP server is configured to limit the length of the USER command argument.
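
The length limit described above, as an added example of a bounds-checked USER parser (illustrative code, not taken from SmartServer3 or from the original advisory). The function names, return codes and buffer sizes are hypothetical; the 40-character cap is the per-argument maximum from RFC 1939, chosen here as an assumption for the limit.

```c
#include <ctype.h>
#include <stddef.h>
#include <string.h>

#define POP3_MAX_ARG 40 /* RFC 1939: an argument may be up to 40 characters */

enum { USER_OK = 0, USER_NOT_USER = -1, USER_MISSING = -2,
       USER_TOO_LONG = -3, USER_BAD_CHAR = -4 };

/* Parse one received line of `len` bytes (need not be NUL-terminated).
 * On USER_OK, `out` holds the NUL-terminated mailbox name. */
int parse_user(const char *line, size_t len, char *out, size_t out_sz)
{
    static const char kw[] = "USER";
    while (len > 0 && (line[len - 1] == '\r' || line[len - 1] == '\n'))
        len--;                                  /* strip CRLF */
    if (len < 4)
        return USER_NOT_USER;
    for (size_t i = 0; i < 4; i++)              /* keywords are case-insensitive */
        if (toupper((unsigned char)line[i]) != kw[i])
            return USER_NOT_USER;
    if (len == 4)
        return USER_MISSING;
    if (line[4] != ' ')
        return USER_NOT_USER;
    const char *arg = line + 5;
    size_t arg_len = len - 5;
    if (arg_len == 0)
        return USER_MISSING;
    /* Reject on length before any byte is copied. */
    if (arg_len > POP3_MAX_ARG || arg_len >= out_sz)
        return USER_TOO_LONG;
    for (size_t i = 0; i < arg_len; i++)        /* printable ASCII, no spaces */
        if ((unsigned char)arg[i] <= 0x20 || (unsigned char)arg[i] >= 0x7f)
            return USER_BAD_CHAR;
    memcpy(out, arg, arg_len);
    out[arg_len] = '\0';
    return USER_OK;
}

/* Constructed input: "USER " followed by n 'A' bytes and CRLF. */
int parse_user_of_length(size_t n)
{
    char line[1024], name[POP3_MAX_ARG + 1];
    if (n > sizeof line - 7)
        return USER_TOO_LONG;
    memcpy(line, "USER ", 5);
    memset(line + 5, 'A', n);
    memcpy(line + 5 + n, "\r\n", 2);
    return parse_user(line, 7 + n, name, sizeof name);
}
```

A server using this check would answer `-ERR` and log the rejected length, which also gives operations a signal for oversized USER arguments.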