Stack-based buffer overflow in QK SMTP 3.01 and previous versions might allow remote malicious users to execute arbitrary code via a long argument to the RCPT TO command.
/*
=============================================================
0-day RCPT TO DoS Exploit for QK SMTP version 301 and lower
=============================================================
Exploit affects a format string error in the RCPT TO command
in which the program attempts to print out the string back
to the console screen of the application ...
#!/bin/perl
#
#wwwsecurityfocuscom/bid/20681
#
# tested on winXp Pro SP0 English/winXp Pro SP2 Italian/win 2k SP4 Italian/English return address is universal
# bind a remote cmdexe on target host on 4444 port; based on expanders original exploit
# credit to Greg Linares for discovered the vulnerability
# thanks to hdm and vlads902 for ori ...