wOOgiving 99 -18- |
||||
|
Local / Remote D.o.S Attack in CSM Mail Server
for Windows 95/NT v.2000.08.A USSR Advisory Code: USSR-99027 Release Date: December 29, 1999 [3/5] Systems Affected: CSM Mail Server for Windows 95/NT and others old versions. Version: 2000-01A Version: 1999-07M Version: 1999-07I Version: 1999-07H Version: 1999-07G Version: 1999-07F Version: 1999-07b About The Software: CSM Mail Server for Windows 95/NT allows: * FIREWALL is usefull to reject unwanted calls to the SMTP server. * ANTI-SPAMMING is usefull to reject unwanted messages. * To define VIRTUAL DOMAINS which are physically manage by the server itself. * To define SECONDARY DOMAINS which are physically managed by the same or another server computer. * To ROUTE (send or receive) messages between itself and the Internet. * To ROUTE (send via SMTP) received message to the secondary domains. * To TRANSFER (send or receive) messages between itself and the worktations attached to the local area network (LAN). * To MANAGE the user mailboxes. * To DISRIBUTE the messages in the mailboxes. * It can be installed behind a Firewall or a CSM Proxy server. THE PROBLEM UssrLabs found a Local / Remote Buffer overflow,and maybe remotely exploitable buffer overflow, the overflow is caused by a (long HELO) in the login procedure. Example: [hellme@die-communitech.net$ telnet example.com 25 Trying example.com... Connected to example.com. Escape character is '^]'. 220 SMTP CSM Mail Server ready at ServerName.com (Version 2000.08.A - NT.4.0.1381) helo [buffer] Where [buffer] is aprox. 12000 characters. At his point the server overflows and crashes. Do you do the w00w00? This advisory also acts as part of w00giving. This is another contribution to w00giving for all you w00nderful people out there. You do know what w00giving is don't you? http://www.w00w00.org/advisories.html Vendor Status: Informed. Vendor Url: http://www.csm-usa.com Program Url: http://www.csm-usa.com/product/mailsrvr/ Credit: USSRLABS SOLUTION Noting yet :( Greetings: Eeye, Attrition, w00w00, beavuh, Rhino9, ADM, L0pht, HNN, Technotronic and Wiretrip. About the Ussrback.com Web Page, yesterday we take the web site offline we are moving to a new server, the web still down for 2 days more (dns changes). u n d e r g r o u n d s e c u r i t y s y s t e m s r e s e a r c h http://www.ussrback.com |
Page d'accueil Nous écrire By mail Nous envoyer des commentaires By la page de le Feed-Back |
Nouveautés
et... |
Le Sommaire de Kitetoa (orientation...) Sommaire général du site |
Les
rubriques! Les
livres publiés par Kitetoa |
Les
rubriques! (suite) Les Let-R-s Des Images On s'en fout! KitEcout' KessTaVu? -KiteToile Voyages |
Les dossiers : Precision [ZataZ] Le monde fou des Admins Defcon Le hack le plus bizarre Guerre de l'info Convention contre la cyber-criminalité Hack |
Questionnaire visant à améliorer le contenu de ce site si c'est possible et pas trop compliqué |
Rechercher sur le site ...et sur le Net Des liens et D'autres choses du Ouèb |