Users login

Create an account »


Users login

Home » Hacking News » libesmtp read_smtp_response() buffer overflow

libesmtp read_smtp_response() buffer overflow

by Mario Miri on April 9th, 2003 A buffer overflow attack is possible on libesmtp function read_smtp_response(). If user is connected to the attacker controlled SMTP server, the attacker could return specially crafted SMTP response which would result in buffer overflow and possible code execution.

GNOME Balsa 1.1.7
GNOME Balsa 1.2.4
GNOME Balsa 2.0.6
libesmtp 0.8.4
libesmtp 0.8.9
libesmtp 0.8.10
libesmtp 0.8.10p1

Patches are available from the following location:

Discovered by:
Reported in the product ChangeLog.

Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.


Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »