QwikMail 0.3 - 'HELO' Buffer Overflow (PoC)

Author: Jonathan Rockway
type: dos
platform: linux
port: 
date_added: 2004-12-15  
date_updated: 2013-04-25  
verified: 1  
codes: CVE-2004-1291;OSVDB-12465  
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 25004.txt  

source: www.securityfocus.com/bid/11989/info

QwikMail (qwik-smtpd) is reported prone to a remotely exploitable buffer overflow vulnerability. The issue is due to insufficient bounds checking of client-supplied SMTP HELO request data.

This issue could theoretically be exploited to execute arbitrary code. Due to the memory layout, it is also reportedly possible to overwrite an adjacent buffer in a manner that will allow a remote attacker to abuse the server as an unauthorized mail relay.

HELO AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA127.0.0.1