Published: 10/03/2017 Updated: 15/03/2017

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 755

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

In Azure Data Expert Ultimate 2.2.16, the SMTP verification function suffers from a buffer overflow vulnerability, leading to remote code execution. The attack vector is a crafted SMTP daemon that sends a long 220 (aka "Service ready") string.

Vulnerable Product	Search on Vulmon	Subscribe to Product
azure dex data expert ultimate 2.2.16

# Exploit Title: Azure Data Expert Ultimate 2216 – buffer overflow # Date: 2017-03-07 # Exploit Author: Peter Baris # Vendor Homepage: wwwsaptech-erpcomau # Software Link: wwwazuredexcom/downloadshtml # Version: 2216 # Tested on: Windows Server 2008 R2 Standard x64 # CVE : CVE-2017-6506 # The same method is used in the sy ...

Azure Data Expert Ultimate version 2216 suffers from a buffer overflow vulnerability ...

CWE-119 https://www.exploit-db.com/exploits/41545/http://packetstormsecurity.com/files/141502/Azure-Data-Expert-Ultimate-2.2.16-Buffer-Overflow.html http://www.securityfocus.com/bid/96824 https://nvd.nist.gov https://www.exploit-db.com/exploits/41545/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2017-6506

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect