Recent Vulnerabilities Research Posts Trends Blog About Contact

Published: 25/03/2008 Updated: 29/09/2017

CVSS v2 Base Score: 9 | Impact Score: 10 | Exploitability Score: 8

VMScore: 905

Vector: AV:N/AC:L/Au:S/C:C/I:C/A:C

Stack-based buffer overflow in the IMAP service in NetWin Surgemail 3.8k4-4 and previous versions allows remote authenticated users to execute arbitrary code via a long first argument to the LIST command.

Vulnerable Product	Search on Vulmon	Subscribe to Product
netwin surgemail

#!/usr/bin/python ############################################################################### # # NetWin Surgemail 0DAY (IMAP POST AUTH) Remote LIST Universal Exploit # Discovered and coded by Matteo Memelli aka ryujin # wwwgray-worldnet wwwbe4mindcom # # Affected Versions : Version 38k4-4 Windows Platform # Tested on OS ...

CWE-119 http://www.netwinsite.com/surgemail/help/updates.htm http://secunia.com/advisories/29105 http://www.securityfocus.com/bid/28260 http://www.vupen.com/english/advisories/2008/0901/references https://www.exploit-db.com/exploits/5259 https://nvd.nist.gov https://www.exploit-db.com/exploits/5259/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2008-1498

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect