SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (E-mail Server)  >   GMS Mail (NTMail) Vendors:   Gordano
Gordano's NTMail Mail Server Web Services Can Be Crashed Remotely By Any User Sending a Long URL Request
SecurityTracker Alert ID:  1001131
SecurityTracker URL:  http://securitytracker.com/id/1001131
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Mar 20 2001
Impact:   Denial of service via network
Exploit Included:  Yes  
Version(s): V6.0.3c for Windows NT/2000
Description:   Defcom Labs discovered a vulnerablility in Gordano's NTMail e-mail server that could allow a remote user to cause the mail server's web services to crash.

In Defcom Labs Advisory def-2001-13, it is reported that the web services on TCP ports 8000 and 9000 are both vulnerable to a "LongURL attack". Sending a URL request larger than 255 characters will crash the service.

A crash will reportedly take down the services listening on TCP ports: 8000 (NTMail configuration), 8025, 8080, 8888 and 9000 (GLWebMail).

Impact:   Any remote user can cause the web services (but not the mail server itself) to crash.
Solution:   Install the vendor patch: ftp://ftp.gordano.com/ntmail6/hotfixes/ntmail6C_Intel_20010317.zip
Vendor URL:  www.gordano.com/selector.htm?ChangeNode=Home.Products.NTMail (Links to External Site)
Cause:   Boundary error
Underlying OS:  Windows (NT), Windows (2000)

Message History:   None.


 Source Message Contents

Subject:  def-2001-13: NTMail Web Services DoS


======================================================================
                  Defcom Labs Advisory def-2001-13

                      NTMail Web Services DoS

Release Date: 2001-03-20
======================================================================
------------------------=[Brief Description]=-------------------------
NTMails web services contain a flaw that could allow a malicious
attacker to crash the web services using a malformed URL.

------------------------=[Affected Systems]=--------------------------
- NTMail V6.0.3c for Windows NT/2000

----------------------=[Detailed Description]=------------------------
It appears that while fixing another URL related problem, Gordano
accidently introduced a new one. The web services on TCP ports 8000
and 9000 are both vulnerable to a "LongURL attack". That means that a
request larger than 255 characters will crash the service.

A crash will take down the services listening on TCP ports:
8000 (NTMail configuration), 8025, 8080, 8888 and 9000 (GLWebMail).

---------------------------=[Workaround]=-----------------------------
Install the patch located at:
ftp://ftp.gordano.com/ntmail6/hotfixes/ntmail6C_Intel_20010317.zip

-------------------------=[Vendor Response]=--------------------------
This issue was brought to the vendor's attention on the 9th of
March, 2001 and a patch was released by the vendor on the 17th
of March 2001.

======================================================================
            This release was brought to you by Defcom Labs

              labs@defcom.com             www.defcom.com
======================================================================

 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC