Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

DST2K0006: Denial of Service Possibility in Imate WebMail Server v2.5

From: securityteam () DELPHISPLC COM (Security Team)
Date: Thu, 1 Jun 2000 08:43:27 +0100


==========================================================================
======
                               Delphis Consulting Plc
==========================================================================
======

                                     Security Team Advisories
                                  [26/05/2000]


                           securityteam () delphisplc com
                [http://www.delphisplc.com/thinking/whitepapers/]
      
==========================================================================
======
Adv   :       DST2K0006
Title :       Denial of Service Possibility
Author        :       DCIST (securityteam () delphisplc com)
O/S   :       Microsoft Windows NT v4.0 Workstation (SP6)
Product       :       Imate WebMail Server v2.5
Date  :       26/05/2000

I.    Description

II.   Solution

III.  Disclaimer


==========================================================================
======


I. Description
==========================================================================
======

Delphis Consulting Internet Security Team (DCIST) discovered the following
vulnerability in the Imate WebMail Server under Windows NT.

Sending an email via SMTP to an Imate WebMail Server with a server name of
1119 characters will cause the SMTP server to stop running.  The service
must
be restarted manually.

Example:
Telnet host 25
HELO <Ax1119>


II. Solution
==========================================================================
======

Vendor Status: Informed
Catware have an upgrade available from their support department. Delphis
would like to take this
opportunity to thank Catware for responding so quickly (within 24hrs), and
having a working fix within 96hrs.

III. Disclaimer
==========================================================================
======
THE INFORMATION CONTAINED IN THIS ADVISORY IS BELIEVED TO BE ACCURATE AT
THE TIME OF PRINTING, BUT NO REPRESENTATION OR WARRANTY IS GIVEN, EXPRESS
OR
IMPLIED, AS TO ITS ACCURACY OR COMPLETENESS.  NEITHER THE AUTHOR NOR THE
PUBLISHER ACCEPTS ANY LIABILITY WHATSOEVER FOR ANY DIRECT, INDIRECT OR
CONSEQUENTIAL LOSS OR DAMAGE ARISING IN ANY WAY FROM ANY USE OF, OR
RELIANCE
PLACED ON, THIS INFORMATION FOR ANY PURPOSE.
==========================================================================
======
Previous By Date Next
Previous By Thread Next

Current thread: