Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Win2KSecurity Advice> 1999-q4

NTSecAdvice Archives: Multiples Remotes DoS Attacks in Artisoft

Multiples Remotes DoS Attacks in Artisoft XtraMail v1.11 Vulnerability

Ussr Labs (labsUSSRBACK.COM)
Wed, 10 Nov 1999 06:37:00 -0300

Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Next message: MJE: "Re: Microsoft Security Bulletin (MS99-048)"
Previous message: Ussr Labs: "Remote DoS Attack in QVT/Term 'Plus' 4.2d FTP Server Vulnerability"

PROBLEM:
UssrLabs found multiple places in XtraMail v1.11 where they do not use
proper bounds checking.
The following all result in a Denial of Service against the service in
question.

Example:
The pop3 (110) service has an overflow in the login function.
+OK XtraMail POP3 Server (v1.11 69970090850) for Windows 95 ready at Wed, 10
Nov
99 06:14:18 +-300
user itsme
+OK <itsme>
pass (buffer)

Where buffer is 1500 characters.

The SMTP (25) service has an overflow in the login function.
220 XtraMail SMTP Server (v1.11 69970090850) for Windows 95 ready at Wed, 10
Nov
99 06:16:14 +-300
helo (buffer)
Where buffer is 10000 characters.

The Control Service (32000) service has an overflow in the login function.
XtraMail Control Service (v1.11 69970090850) for Windows 95 ready at Wed, 10
Nov
99 06:20:11 +-300
Username: (buffer)
Where buffer is 10000 characters.

Vendor Status:
Not Contacted

Vendor Url: http://www.artisoft.com/
Program Url: http://netsales.net/pk.wcgi/artisoft/xtramail

Credit: USSRLABS

SOLUTION
Nothing yet.

Next message: MJE: "Re: Microsoft Security Bulletin (MS99-048)"
Previous message: Ussr Labs: "Remote DoS Attack in QVT/Term 'Plus' 4.2d FTP Server Vulnerability"

This archive was generated by hypermail 2.0b3 on Wed Nov 10 1999 - 08:38:29 CST