Topic: Special device access in The Bat!
Author: 3APA3A <3APA3A@security.nnov.ru>
Date: February, 25 2002
Software: The Bat! 1.53d, 1.54beta
Vendor: Ritlabs (http://www.thebat.net)
Risk: Low to average
Vendor Status: Notified, not verified

The Bat! has a special device access bug. If The Bat! is configured to
save attachments apart from message bodies and a file has the name of a
special device, The Bat! will attempt to open the special device. This kind
of bug was described in . This bug was probably reintroduced in one of the
latest versions, because our previous test with this product 6 months ago

It's not clear at the moment whether it's possible to write to a special
device (for example, to send an attached file to a printer or COM port), but
this bug can definitely be used for a DoS attack against The Bat!. After this
message, The Bat! stops receiving any messages (sometimes absolutely
silently, sometimes with a warning displayed that the file can't be opened).

Disable the "Keep attachment files separately" option or use the
Account/Dispatch Mail On Server option to delete the problematic message

Vendor was contacted twice on February, 19. No replies were received.
bash-2.03$ sendmail -U email@example.com
Content-Type: apllication/exe; name=lpt1
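
A mail gateway or pre-delivery filter can flag the condition described above before a client saves the attachment. The following is an added example, not code from the advisory or from Ritlabs; the function names, the device names beyond lpt1 and COM ports, and the sample messages are assumptions constructed for illustration.

```python
import re
from email import message_from_string
from email.utils import collapse_rfc2231_value

# Reserved DOS/Windows device names. The advisory names only lpt1 and COM
# ports; the rest of this list is the commonly documented set, added here.
DEVICE = re.compile(r"(con|prn|aux|nul|com[1-9]|lpt[1-9])", re.IGNORECASE)

def is_device_name(filename):
    """True if saving under this name could resolve to a device, not a file."""
    base = re.split(r"[\\/]", filename)[-1]          # drop any directory part
    # Be conservative: "lpt1.exe", "LPT1:" and "lpt1 " are treated as the
    # device too, as Win32 name parsing has historically done.
    stem = re.split(r"[.:]", base, maxsplit=1)[0].rstrip(" ")
    return DEVICE.fullmatch(stem) is not None

def device_named_attachments(raw_message):
    """Return attachment names in a raw RFC 822 message that are device names."""
    hits = []
    for part in message_from_string(raw_message).walk():
        names = set()
        ct_name = part.get_param("name")             # Content-Type; name=...
        if ct_name is not None:
            names.add(collapse_rfc2231_value(ct_name))
        if part.get_filename() is not None:          # Content-Disposition; filename=...
            names.add(part.get_filename())
        hits.extend(sorted(n for n in names if is_device_name(n)))
    return hits

# Constructed sample messages (not captured traffic). The first mirrors the
# header shown in the advisory, including its content type spelling.
SAMPLE_ADVISORY = "Subject: test\nContent-Type: apllication/exe; name=lpt1\n\ntest\n"
SAMPLE_MIXED = (
    "MIME-Version: 1.0\n"
    'Content-Type: multipart/mixed; boundary="b"\n'
    "\n"
    "--b\n"
    'Content-Type: application/pdf; name="report.pdf"\n'
    'Content-Disposition: attachment; filename="report.pdf"\n'
    "\n"
    "x\n"
    "--b\n"
    'Content-Disposition: attachment; filename="docs/COM1.txt"\n'
    "\n"
    "y\n"
    "--b--\n"
)

if __name__ == "__main__":
    print(device_named_attachments(SAMPLE_ADVISORY), device_named_attachments(SAMPLE_MIXED))
```

A filter built on this would quarantine or rename flagged parts before delivery, which covers clients where the "Keep attachment files separately" option stays enabled.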
 SECURITY.NNOV: Multiple archivers special DOS/Windows