what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

SurgeMail_73b8_fmt_06_060.txt

SurgeMail_73b8_fmt_06_060.txt
Posted Jul 11, 2007
Authored by Nico Leidecker | Site portcullis-security.com

SurgeMail version 3.7b8 Linux suffers from a format string vulnerability.

tags | advisory
systems | linux
SHA-256 | 525c089d7648287aa57c4e50b8da924fae9c965e876911b34796cfc782d2004e
Download | Favorite | View

SurgeMail_73b8_fmt_06_060.txt

Change Mirror Download
Portcullis Security Advisory 06-060


Vulnerable System:

SurgeMail.


Vulnerability Title:

SurgeMail is prone to a format string vulnerability.


Vulnerability discovery and development: 

Portcullis Security Testing Services discovered this vulnerability. 
Further research was then carried out.


Credit For Discovery:

Nico Leidecker - Portcullis Computer Security Ltd.


Affected systems: 

Version 3.7b8 Linux and maybe previous versions and on other platforms.


Details:

SurgeMail offers the ability to charge the recipients a fee for receiving 
emails from certain addresses. As soon as such an email comes in, a 
notification email containing the amount payable is composed and sent to the 
user requesting payment.  A user with the privileges allowing them to change 
these amounts is then able to exploit a format string vulnerability, caused by 
the abdiction of an explicit format string while using the amount value as 
parameter in such a function. Furthermore, the amount value can consist of 
arbitrary characters.


Impact:

An attacker could cause a Denial of Service or execute arbitrary code in the 
context of the server.


Exploit:

The proof of concept exploit code is available.


Vendor Status:

Vendor notified. The vulnerability has been fixed.


Copyright:

Copyright © Portcullis Computer Security Limited 2005, All rights reserved 
worldwide.

Permission is hereby granted for the electronic redistribution of this 
information. It is not to be edited or altered in any way without the express 
written consent of Portcullis Computer Security Limited.


Disclaimer: 

The information herein contained may change without notice. Use of this 
information constitutes acceptance for use in an AS IS condition. There are NO 
warranties, implied or otherwise, with regard to this information or its use. 
Any use of this information is at the user's risk. In no event shall the 
author/distributor (Portcullis Computer Security Limited) be held liable for 
any damages whatsoever arising out of or in connection with the use or spread 
of this information.
Login or Register to add favorites

File Archive:

April 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Apr 1st
    10 Files
  • 2
    Apr 2nd
    26 Files
  • 3
    Apr 3rd
    40 Files
  • 4
    Apr 4th
    6 Files
  • 5
    Apr 5th
    26 Files
  • 6
    Apr 6th
    0 Files
  • 7
    Apr 7th
    0 Files
  • 8
    Apr 8th
    22 Files
  • 9
    Apr 9th
    14 Files
  • 10
    Apr 10th
    10 Files
  • 11
    Apr 11th
    13 Files
  • 12
    Apr 12th
    14 Files
  • 13
    Apr 13th
    0 Files
  • 14
    Apr 14th
    0 Files
  • 15
    Apr 15th
    30 Files
  • 16
    Apr 16th
    10 Files
  • 17
    Apr 17th
    22 Files
  • 18
    Apr 18th
    45 Files
  • 19
    Apr 19th
    8 Files
  • 20
    Apr 20th
    0 Files
  • 21
    Apr 21st
    0 Files
  • 22
    Apr 22nd
    11 Files
  • 23
    Apr 23rd
    68 Files
  • 24
    Apr 24th
    23 Files
  • 25
    Apr 25th
    0 Files
  • 26
    Apr 26th
    0 Files
  • 27
    Apr 27th
    0 Files
  • 28
    Apr 28th
    0 Files
  • 29
    Apr 29th
    0 Files
  • 30
    Apr 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close