Vulnerabilities > CVE-2003-1192 - Buffer Overrun vulnerability in IA WebMail Server Long GET Request
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Stack-based buffer overflow in IA WebMail Server 3.1.0 allows remote attackers to execute arbitrary code via a long GET request.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 2 |
Exploit-Db
description IA WebMail 3.x Buffer Overflow. CVE-2003-1192. Remote exploit for windows platform id EDB-ID:16767 last seen 2016-02-02 modified 2010-05-09 published 2010-05-09 reporter metasploit source https://www.exploit-db.com/download/16767/ title IA WebMail 3.x - Buffer Overflow description IA WebMail Server 3.0/3.1 Long GET Request Buffer Overrun Vulnerability. CVE-2003-1192. Remote exploit for windows platform id EDB-ID:23334 last seen 2016-02-02 modified 2003-11-03 published 2003-11-03 reporter Peter Winter-Smith source https://www.exploit-db.com/download/23334/ title IA WebMail Server 3.0/3.1 Long GET Request Buffer Overrun Vulnerability description IA WebMail 3.x (iaregdll.dll version 1.0.0.5) Remote Exploit. CVE-2003-1192. Remote exploit for windows platform id EDB-ID:124 last seen 2016-01-31 modified 2003-11-19 published 2003-11-19 reporter Peter Winter-Smith source https://www.exploit-db.com/download/124/ title IA WebMail 3.x - iaregdll.dll 1.0.0.5 Remote Exploit
Metasploit
| description | This exploits a stack buffer overflow in the IA WebMail server. This exploit has not been tested against a live system at this time. |
| id | MSF:EXPLOIT/WINDOWS/HTTP/IA_WEBMAIL |
| last seen | 2020-05-23 |
| modified | 2017-07-24 |
| published | 2006-10-03 |
| references | |
| reporter | Rapid7 |
| source | https://github.com/rapid7/metasploit-framework/blob/master//modules/exploits/windows/http/ia_webmail.rb |
| title | IA WebMail 3.x Buffer Overflow |
Packetstorm
| data source | https://packetstormsecurity.com/files/download/82938/ia_webmail.rb.txt |
| id | PACKETSTORM:82938 |
| last seen | 2016-12-05 |
| published | 2009-11-26 |
| reporter | H D Moore |
| source | https://packetstormsecurity.com/files/82938/IA-WebMail-3.x-Buffer-Overflow.html |
| title | IA WebMail 3.x Buffer Overflow |
References
- http://secunia.com/advisories/10107
- http://securitytracker.com/id?1008075
- http://www.derkeiler.com/Mailing-Lists/VulnWatch/2003-11/0001.html
- http://www.elitehaven.net/iawebmail.txt
- http://www.osvdb.org/2757
- http://www.securiteam.com/windowsntfocus/6B002158UQ.html
- http://www.securityfocus.com/bid/8965
- https://exchange.xforce.ibmcloud.com/vulnerabilities/13580