Avirt Rover 1.1 Buffer Overflow - 27 Dec 1999

 
Avirt Rover POP3 Server Overflow
Reported December 27, 1999 by
USSRLabs

VERSIONS AFFECTED
Avirt Rover POP3 Server v1.1

DESCRIPTION

Rover POP3 Server is a software package that includes POP3 and SMTP services. The POP3 service was discovered to contain a buffer overflow condition that can crash the server.

DEMONSTRATION

By sending 10,000 characters as the user name, the buffer will overflow and crash the service.

VENDOR RESPONSE

Avirt has been contacted regarding this matter. Rover has been phased out, so users should migrate their mail platform to Avirt Mail 3.5 or Avirt Mail v4 RC1.

CREDITS
Discovered by
USSRLabs

Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish