(Fix Available) Re: Mercury Mail Transport System POP3 Server for Netware Allows Remote Users to Crash the Server
|
|
SecurityTracker Alert ID: 1001403 |
|
SecurityTracker URL: http://securitytracker.com/id/1001403
|
|
CVE Reference:
GENERIC-MAP-NOMATCH
(Links to External Site)
|
Date: Apr 23 2001
|
Impact:
Denial of service via network, Execution of arbitrary code via network
|
Fix Available: Yes
|
Version(s): prior to 1.48
|
Description:
It is reported that the Mercury Mail Transport System POP3 server for Netware contains a vulnerability that allows remote users to crash the server.
The report indicates that all versions prior to 1.48 contain a buffer overflow allowing remote users to crash the Netware server. The following is a demonstration exploit that should trigger this vulnerability:
perl -e 'print "APOP " . "a"x2048 . " " . "a"x2048 . "\r\n"' | nc host 110
The author reports that it may be possible for remote users to execute arbitrary code on the server.
|
Impact:
A remote user can cause the Netware server to crash.
|
Solution:
Upgrade to version 1.48
|
Vendor URL: www.pmail.com/ (Links to External Site)
|
Cause:
Boundary error
|
Underlying OS:
|
|
Message History:
This archive entry is a follow-up to the message listed below.
|
Source Message Contents
|
Date: Sun, 22 Apr 2001 20:30:15 +0200
Subject: Re: Mercury for NetWare POP3 server vulnerable to remote buffer
|
On Sat, Apr 21, 2001 at 10:52:15AM +0200, Przemyslaw Frasunek wrote:
> All versions of widely-used POP3 server from Mercury MTA package for Netware
> are vulnerable to remote buffer overflow allowing to crash Netware server:
Actually, problem was fixed in Mercury 1.48, but no advisory was issued
and older versions are still in wide use. All Mercury-based servers
should be immediately updated.
--
* Fido: 2:480/124 ** WWW: http://www.frasunek.com/ ** NIC-HDL: PMF9-RIPE *
* Inet: przemyslaw@frasunek.com ** PGP: D48684904685DF43EA93AFA13BE170BF *
|
|
