We found a remotely exploitable buffer overflow
in the Avirt Mail Server 3.3a and a D.o.S in the version 3.5,
(long USER / PASS:)
that may allow an attacker to execute arbitrary
code on the target server,
[cham@guilt cham]$ telnet example.com 110
Connected to example.com.
Escape character is '^]'.
+OK aVirt Mail POP3 Server Ready
Where [buffer] is aprox. 856 characters. At his
point the server overflows and crashes.
Just a typical buffer overflow
Published by: USSRBACK
u n d e r g r o u n d s e c u r i t y s y s t e
m s r e s e a r c h