Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
AppleShare IP Mail ServerChris Wedgwood (chrisCYBERNET.CO.NZ)
Wed, 8 Apr 1998 13:11:17 +1200
- Messages sorted by: [ date ][ thread ][ subject ][ author ]
- Next message: David Luyer: "Re: AppleShare IP Mail Server"
- Previous message: Glenn F. Maynard: "QW vulnerability"
- Next in thread: David Luyer: "Re: AppleShare IP Mail Server"
[Yet another buffer overrun? - I hope this isn't getting monotonous] I noticed this a while back but haven't seen any else mention it. There appears to be what looks like a buffer overrun problem with AppleShare IP Mail Server. If you connect to the SMTP port and issue a long string (say 500 bytes or so) the server crashes - and because its a Mac, it usually crashed the whole machine to the point where it needs a reboot. So far I've only tested against servers which emit the banner 'AppleShare IP Mail Server 5.0.3' For example: $ telnet some.where Trying 18.104.22.168... Connected to some.where. Escape character is '^]'. 220 some.where AppleShare IP Mail Server 5.0.3 SMTP Server Ready HELO XXXXXXXXXXX[....several hundered of these....]XXXXXXXX [ and it just hangs ] $ ping some.where [ ...nothing... ] Physically checking the machine shows it has `locked up' and it a reboot. I assume if you can cause a crash without the lockup then you might be able to execute code and so something useful (on a Mac?). -cw