Security Basics mailing list archives
Imail 8.13 - known DoS vulnerabilities?
From: Jeff <secfocus () bedrox com>
Date: Fri, 15 Oct 2004 20:31:12 -0400 (EDT)
While running periodic NeWT (nessus) scans against several Imail 8.x servers I manage, I've noticed that when set to run all filters (including the "dangerous" ones), the Imail SMTP service crashes. I've included a few snippets from the report below. I've grown to really like Imail, but it seems like a trivial matter to commit a Denial of Service if the SMTP service is so fragile. Microsoft's SMTP server withstands the same abuse without flinching. Any thoughts or comments -------------------------------- The remote SMTP server crashes when it is send a command with a too long argument. A cracker might use this flaw to kill this service or worse, execute arbitrary code on your server. Solution : upgrade your MTA or change it. Risk factor : High Plugin ID : 11772 -------------------------------- The remote POP3 server might be vulnerable to a buffer overflow bug when it is issued at least one of these commands, with a too long argument : auth user pass If confirmed, this problem might allow an attacker to execute arbitrary code on the remote system, thus giving him an interactive session on this host. <..snip..> Plugin ID : 10184 --------------------------------
Current thread:
- Imail 8.13 - known DoS vulnerabilities? Jeff (Oct 18)