David Colliver wrote: > Try this > http://secunia.com/advisories/22559/ > > There are two mentions of it. This one for SMTP, the other for the > POP3.
Only, there's neither a SMTP nor a POP3 server shipped with ICS. You propably need to rework your code. -- Arno Garrels [TeamICS] http://www.overbyte.be/eng/overbyte/teamics.html > > This one has more information, including code to exploit it. > http://www.securityfocus.com/bid/20709 > > I am just about to upload a probable fix to my initial server. > > Best regards, > Dave Colliver. > http://www.AshfieldFOCUS.com > ~~ > http://www.FOCUSPortals.com - Local franchises available > ----- Original Message ----- > From: "Arno Garrels" <[EMAIL PROTECTED]> > To: "ICS support mailing" <twsocket@elists.org> > Sent: Friday, March 16, 2007 8:16 PM > Subject: Re: [twsocket] Buffer overflow in SMTP > > >> David Colliver wrote: >>> Hi Piotr, >>> >>> I just happened to come across the vulnerability as someone has >>> reported it on many security websites. >> >> Any links? >> >> BTW: You talked about client components ( SMTP or POP3 ? ), targets >> of buffer overflow-attacks usually are servers, otherwise the >> server was the attacker. >> >> -- >> Arno Garrels [TeamICS] >> http://www.overbyte.be/eng/overbyte/teamics.html >> >> >> >> >> >> -- >> To unsubscribe or change your settings for TWSocket mailing list >> please goto http://www.elists.org/mailman/listinfo/twsocket >> Visit our website at http://www.overbyte.be -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
