Need help on pen-test (exploiting IMail 7.0.7 flaw)

From: Strcpy (elite_netbios@yahoo.com)
Date: Fri Jul 16 2004 - 11:14:34 EDT


Hi list

I'm asked to do a pen-test on some servers.
During the test I found one running the
IPSwitch I-mail 7.0.7 on a 2K-SP4 host.
Well, as you may know, this version is vulnerable to
the "web messaging" overflow which is reported
as BID 5323. There is also a POC provided.

To be sure and do a proper pen-test, I'd exploit this
bug. The code is optimised for this version of the DLL:
IMailsec.dll v.2.6.17.28
which is NOT my specific version. I don't have
I-mail 7.0.7 locally installed to know exactly which
version of the DLL it uses.

Can anyone help me by providing me the return address
of Imail 7.0.7's DLL, to use in the code?
Or even better, a brief hint to teach me how to
determine it myself.

And another question:
 Is it possible to do a brute-force to find
 the address in this bug?

Thanks so much
H.k

                



This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:53:57 EDT