Bugtraq mailing list archives
DST2K0006: Denial of Service Possibility in Imate WebMail Server v2.5
From: securityteam () DELPHISPLC COM (Security Team)
Date: Thu, 1 Jun 2000 08:43:27 +0100
========================================================================== ====== Delphis Consulting Plc ========================================================================== ====== Security Team Advisories [26/05/2000] securityteam () delphisplc com [http://www.delphisplc.com/thinking/whitepapers/] ========================================================================== ====== Adv : DST2K0006 Title : Denial of Service Possibility Author : DCIST (securityteam () delphisplc com) O/S : Microsoft Windows NT v4.0 Workstation (SP6) Product : Imate WebMail Server v2.5 Date : 26/05/2000 I. Description II. Solution III. Disclaimer ========================================================================== ====== I. Description ========================================================================== ====== Delphis Consulting Internet Security Team (DCIST) discovered the following vulnerability in the Imate WebMail Server under Windows NT. Sending an email via SMTP to an Imate WebMail Server with a server name of 1119 characters will cause the SMTP server to stop running. The service must be restarted manually. Example: Telnet host 25 HELO <Ax1119> II. Solution ========================================================================== ====== Vendor Status: Informed Catware have an upgrade available from their support department. Delphis would like to take this opportunity to thank Catware for responding so quickly (within 24hrs), and having a working fix within 96hrs. III. Disclaimer ========================================================================== ====== THE INFORMATION CONTAINED IN THIS ADVISORY IS BELIEVED TO BE ACCURATE AT THE TIME OF PRINTING, BUT NO REPRESENTATION OR WARRANTY IS GIVEN, EXPRESS OR IMPLIED, AS TO ITS ACCURACY OR COMPLETENESS. NEITHER THE AUTHOR NOR THE PUBLISHER ACCEPTS ANY LIABILITY WHATSOEVER FOR ANY DIRECT, INDIRECT OR CONSEQUENTIAL LOSS OR DAMAGE ARISING IN ANY WAY FROM ANY USE OF, OR RELIANCE PLACED ON, THIS INFORMATION FOR ANY PURPOSE. ========================================================================== ======
Current thread:
- DST2K0006: Denial of Service Possibility in Imate WebMail Server v2.5 Security Team (Jun 01)