SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com






Category:   Application (E-mail Server)  >   CMail Vendors:   Computalynx Limited
Computalynx CMail POP3 Server Memory Flaw Allows Remote Users to Crash the System
SecurityTracker Alert ID:  1005179
SecurityTracker URL:  http://securitytracker.com/id/1005179
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Sep 4 2002
Impact:   Denial of service via network

Version(s): 2.4, 2.4.7, 2.4.12 AV, and 2.4.12
Description:   A denial of service vulnerability was reported in the CMail POP3 mail server. A remote user can cause the mail server and possibly the entire system to crash.

SecurityFocus reported that there is a memory corruption vulnerability in CMail. Certain requests are not properly processed. A remote user can submit a specially crafted request (such as a DELE request) to the POP3 server to cause the system to crash.

SecurityFocus credits discovery of this bug to yates [at] reverse-engineering.info, but does not indicate where the bug was reported.

Impact:   A remote user can send specially crafted commands to the mail server to cause it to crash.
Solution:   No solution was available at the time of this entry.
Vendor URL:  www.computalynx.net/cmail/mail_server.htm (Links to External Site)
Cause:   Exception handling error
Underlying OS:   Windows (NT), Windows (95), Windows (98)

Message History:   None.


 Source Message Contents

Date:  Tue, 03 Sep 2002 16:19:02 -0400
Subject:  CMail denial of service bug


SecurityFocus reported a denial of service vulnerability in the CMail
POP3 Server. 

According to their report, there is a memory corruption vulnerability in
CMail.  Certain requests are not properly processed.  A remote user can
submit a specially crafted request (such as a DELE request) to the POP3
server to cause the system to crash.

Versions 2.4, 2.4.7, 2.4.12 AV, and 2.4.12 are reportedly affected.
 
SecurityFocus credits discovery of this bug to yates [at]
reverse-engineering.info, but does not indicate where the bug was
reported.

Vendor URLs:

http://www.computalynx.net/
http://www.computalynx.net/cmail/mail_server.htm


 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

Copyright 2014, SecurityGlobal.net LLC