Cerberus Information Security Advisory (CISADV000504) - The Cerberus Security Team has found a remotely exploitable buffer overrun in Netwin's (http://netwinsite.com) DMailWeb (dmailweb/dmailweb.exe v2.5d), CGI program designed to give access to a user's SMTP and POP3 server over the world wide web. By supplying a specially formed QUERY_STRING to the program a buffer is overflowed allowing execution of arbitrary code compromising the web server.
47a0edd015b1f01cce3d508c12cc5b2cf7330ba998a12a9c7aaf7acfd187723d