Active MailServer Can Be Crashed By Remote Users
|
|
SecurityTracker Alert ID: 1007033
|
|
CVE Reference: GENERIC-MAP-NOMATCH
(Links to External Site)
|
Date: Jun 23 2003
|
Impact: Denial of service via network
|
Exploit Included: Yes
|
Version(s): 2002
|
Description: Ziv Kamir reported a denial of service vulnerability in the NGC Active MailServer. A remote user can cause the mail server to crash.
It is reported that a remote user can supply a specially crafted "HELO" or "MAIL FROM" or "RCPT TO" command to trigger a buffer overflow
and cause the mail service to crash. According to the report, a buffer size of 33,000 bytes is required to trigger a crash.
The
vendor has reportedly been notified (on June 19, 2003).
|
Impact: A remote user can cause the mail service to crash.
|
Solution: No solution was available at the time of this entry.
|
Vendor URL: www.nextgen.dk/ (Links to External Site)
|
Cause: Boundary error
|
Underlying OS: Windows (Any)
|
Reported By: Ziv Kamir <vulncode@yahoo.com>
|
Message History:
None.
|
Source Message Contents
|
Date: Sat, 21 Jun 2003 15:25:27 -0700 (PDT)
From: Ziv Kamir <vulncode@yahoo.com>
Subject: Vulnerability Under NGC Active MailServer 2002
|
This is a multi-part message in MIME format.
--------------020904040207070303050704
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Hi ,
------------------------------------------------------------------------
Do you Yahoo!?
The New Yahoo! Search
<http://us.rd.yahoo.com/search/mailsig/*http://search.yahoo.com> -
Faster. Easier. Bingo.
--------------020904040207070303050704
Content-Type: text/plain;
name="Active-MS.txt"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline;
filename="Active-MS.txt"
21/06/03
Ziv Kamir
---------
-------------------------------------------------------
Application: NGC Active MailServer 2002
Web Site: http://www.nextgen.dk/
Versions: 2002
Platform: Windows
Bug: Buffer Overflow .
Credits:
########
#################################
# #
# Ziv Kamir #
# #
# Email : vulncode@yahoo.com #
# #
# #
#################################
---------------------
1) Introduction
2) Bug
3) The Code
4) Fix
===============
1) Introduction
===============
A POP3 Mailserver for personal use. With Active MailServer you can setup as many mailboxes as you wis
h, if you have your own domaine
and IP to point at it. Many xDSL users have that, and with this 'easy to setup and configure' MailSe
rver, you can create all the
needed email adresses, you can ever dream of.
=======
2) Bug
=======
Any remote attacker Can "kill" NGC Active MailServer by sending a large amount of data into
the "HELO" or "MAIL FROM" or "RCPT TO"
The buffer will overflow . ( <AAAAA....[Buffer size 33,000 Bytes]> )
===========
3) The Code
===========
======
4) Fix
======
Date of Vendor Notification:
19/06/03
Status:
==============================================================================================
*** The Data is for educational purpose only. ***
The information in this bulletin is provided "AS IS" without warranty of any
kind. In no event shall we be liable for any damages whatsoever including
direct, indirect, incidental, consequential, loss of business profits or special damages.
==============================================================================================
--------------020904040207070303050704--
|
|
