=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-


    Date: Вт, 28 дек 1999  01:24:36

   От: Ussr Labs <labs@USSRBACK.COM>

 Кому: BUGTRAQ@SECURITYFOCUS.COM

 Тема: Local / Remote Remote DoS Attack in Rover POP3 Server V1.1 NT From aVirt

--------------------------------------------------------------------------------




Local / Remote Remote DoS Attack in Rover POP3 Server V1.1 NT From aVirt



USSR Advisory Code:   USSR-99025



Release Date:

December 27, 1999 [1/5]



Systems Affected:

Rover POP3 Server V1.1 NT and possibly others versions.



About The Software:

Rover POP3 Server V1.1 NT From aVirt, is a full-featured Internet/Intranet

server software

package that includes: POP3, and SMTP ( Ports 25/110 )



THE PROBLEM



UssrLabs found a Local / Remote Buffer overflow,the buffer overflow is

caused by a long user name, 10000 characters, and the re-connection

to the Server.



Do you do the w00w00?

This advisory also acts as part of w00giving. This is another contribution

to w00giving for all you w00nderful people out there. You do know what

w00giving is don't you? http://www.w00w00.org/advisories.html



Binary or source for this Dos:



http://www.ussrback.com/



Vendor Status:

Contacted.



Vendor   Url: http://www.avirt.com/

Program Url: http://www.avirt.com/



Credit: USSRLABS



SOLUTION

Upgrade to: Avirt Mail 3.5 or Avirt Mail v4 RC1 (Rover now is a discontinued

Program).



Greetings:

Eeye, Attrition, w00w00, beavuh, Rhino9, ADM, L0pht, HNN, Technotronic and

Wiretrip.



u n d e r g r o u n d  s e c u r i t y  s y s t e m s  r e s e a r c h

http://www.ussrback.com