See-security Advisory: Format string vulnerability in MailEnable 1.8

##################################################################
# #
# See-security Technologies ltd. #
# #
# http://www.see-security.com #
# #
##################################################################

[-] Product Information
MailEnable Standard Edition provides robust SMTP and POP3 services for Windows NT/2000/XP/2003 systems.

[-] Vulnerability Description
MailEnable contains a format string vulnerability in the it handles SMTP mailto: requests

[-] Exploit
Proof of concept exploit code is available at http://www.hackingdefined.com/exploits/mailenable.tar.gz

[-] Credits
The vulnerability was discovered by Mati Aharoni
Received on Mar 17 2005