SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com





Category:   Application (E-mail Client)  >   Microsoft Outlook Express Vendors:   Microsoft
Microsoft Outlook Express Crashes When Reading Certain E-mail Messages
SecurityTracker Alert ID:  1001147
SecurityTracker URL:  http://securitytracker.com/id/1001147
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Mar 23 2001
Impact:   Denial of service via network
Exploit Included:  Yes  
Version(s): 4.72
Description:   It is reported that Microsoft Outlook Express will crash when reading an e-mail message if there are too many characters in the "Newsgroups:" field of the message header.

A buffer overflow will occur if the "Newsgroups:" field in a received e-mail's standard SMTP header contains more than 700 characters.
Impact:   An attacker could send e-mail to a recipient that causes the recipient's Outlook Express e-mail client to crash.
Solution:   No solution was available at the time of this entry.
Vendor URL:  www.microsoft.com/technet/security/ (Links to External Site)
Cause:   Boundary error
Underlying OS:   Windows (Any)

Message History:   This archive entry has one or more follow-up message(s) listed below.
Re: Microsoft Outlook Express Crashes When Reading Certain E-mail Messages   (Paul Schmehl <pauls@UTDALLAS.EDU>)
A user reports that a similar buffer overflow exists in the email "Subject:" header field of Outlook Express.


 Source Message Contents
Date:  Tue, 20 Feb 2001 23:21:06 -0700
Subject:  Local Bufferoverflow in OutlookExpress


This was forwarded from Vuln-Dev.  Looks like a pretty low risk to me
but........

-=-=-=-=-=-=-
Steve Manzuik
Moderator - Win2KSecAdvice
http://www.windowsitsecurity.com
-=-=-=-=-=-=-


------------------------------------------------------------

Made in Holland
PCP/A #0005 (pr0ph)


Local Bufferoverflow in OutlookExpress

Proved Vulnerable: OutlookExpress 4.72
Posted To: Bugtraq/Vuln-Dev mailinglists & Packetstorm



A buffer will overflow if your "Newsgroups:" field contains more than 700
chars. OE will close down with the following "Dr. Watson for Windows NT"
message:

"An application error has occured

and an application error log is being generated

msmn.exe
Exception access violation (0xc00000005), Address: 0x77f64d28"

This will also create a USER.DMP file in your WINNT directory. This file can
be used to extract passwords from, see my previous message to Bugtraq called
"NT stores passwords in plaintext (sp00ky)"


Another fine Planet Cazzz Production/Advisory, in assosiation with The
Nations Top. We cannot be held responsible for your actions, but you can
try. Made in Holland. PCP/A #0005 (pr0ph)


We want to say hell0 to all the Crackers, the Hackers and the Phreax. We
want to say hell0 to all the people in this place. We want to say hell0 to
all the Sinners and 31337. We say hell0 to all the people in the world...



-No Strezzz Cazzz, Powered By UN0X

Vengeance is here, its time to ressurect. Anger without phear....The
Bulld0zer Project !

_____________________________________________________________________
** TO UNSUBSCRIBE, send the command "UNSUBSCRIBE win2ksecadvice"
** FOR A WEEKLY DIGEST, send the command "SET win2ksecadvice DIGEST"
SEND ALL COMMANDS TO: listserv@listserv.ntsecurity.net


Go to the Top of This SecurityTracker Archive Page



Home   |    View Topics   |    Search   |    Contact Us

Copyright 2012, SecurityGlobal.net LLC