Published: 03/11/2003 Updated: 11/07/2017

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 1000

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Stack-based buffer overflow in IA WebMail Server 3.1.0 allows remote malicious users to execute arbitrary code via a long GET request.

Vulnerable Product	Search on Vulmon	Subscribe to Product
truenorth software ia webmail server 3.0
truenorth software ia webmail server 3.1

#!/usr/bin/perl -w # # IA WebMail 3x (iaregdlldll version 1005) Remote Exploit # Application Specific Shellcode: URL Downloader # - www elitehaven net/ncatexe (downloaded) # - c:\ncexe (created) # # By Peter Winter-Smith peter4020 hotmail com # Shellcode included - will need reassembling to use different # urls and ...

source: wwwsecurityfocuscom/bid/8965/info IA WebMail Server is said to be prone to a remote buffer overrun that could allow an attacker to execute arbitrary code The problem occurs due to insufficient bounds checking when handling GET requests As a result, an attacker may be capable of overrunning the bounds of an internal memory buffer ...

## # $Id: ia_webmailrb 9262 2010-05-09 17:45:00Z jduck $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions Please see the Metasploit # Framework web site for more information on licensing and terms of use # metasploitcom/framework/ ## require 'msf/core' class Metas ...

NVD-CWE-Other http://www.derkeiler.com/Mailing-Lists/VulnWatch/2003-11/0001.html http://www.elitehaven.net/iawebmail.txt http://www.securiteam.com/windowsntfocus/6B002158UQ.html http://www.securityfocus.com/bid/8965 http://www.osvdb.org/2757 http://securitytracker.com/id?1008075 http://secunia.com/advisories/10107 https://exchange.xforce.ibmcloud.com/vulnerabilities/13580 https://nvd.nist.gov https://www.exploit-db.com/exploits/124/

CVE-2003-1192

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect