Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
Subject: FW: remote DoS on Internet Anywhere Mail Server Ver.3.1.3
From: MJE (markNTSHOP.NET)
Date: Fri Feb 11 2000 - 11:26:36 CST
- Next message: MJE: "FW: Multiple firewalls: FTP Application Level Gateway "PASV" Vulnerability"
- Previous message: MJE: "ASP Security Hole (fwd)"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
I've reported DoS probrems on Internet Anywhere Mail Server Ver.3.1.3
to supporttnsoft.com on 3rd Dec,99. They started to develop the fix.
But they said "we'll release the fix in couple of weeks" three times.
I've discussed with Jeff Moll(President of True North Software, Inc.)
and he allowed me to post these vulnerabilities.
1. RETR DoS in POP service
+OK POP3 Welcome to somewhere.domain using the Internet Anywhere
Mail Server Version: 3.1.3. Build: 1065 by True North Software,
That's all. The Server could be dead at a little bit after
atoi(). They should check return value of atoi().
2. multiple connections to port 25 DoS
This is simple game, too.
Too much connect()s about 3000, then you will see connection
refused. After that, too much connect()s again about 800, then
you can't connect anymore.
It depends on memory size(I tested on 128MB RAM,total 256MB).
They should check connection status.
Moderator of BUGTRAQ-JP
<Nobuo Miwa> n-miwalac.co.jp ( ) http://www.lac.co.jp/security/
** TO UNSUBSCRIBE, send the command "UNSUBSCRIBE win2ksecadvice"
** FOR A WEEKLY DIGEST, send the command "SET win2ksecadvice DIGEST"
SEND ALL COMMANDS TO: listservlistserv.ntsecurity.net