SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (E-mail Server)  >   BaSoMail (MailServer by SH39.NET) Vendors:   Baardsen Software
BaSoMail Mail Service Can Be Denied By Remote Users Opening Many Connections
SecurityTracker Alert ID:  1008912
SecurityTracker URL:  http://securitytracker.com/id/1008912
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Feb 3 2004
Impact:   Denial of service via network
Exploit Included:  Yes  
Version(s): 1.24
Description:   A denial of service vulnerability was reported in BaSoMail. A remote user can cause the mail service to become unavailable.

Dr_insane and r34ct team reported that a remote user can establish multiple connections (less than 500) to the target server on port 25 or 110 to cause the target server's CPU utilization to reach 100%. No further mail connections will be accepted, according to the report.

Impact:   A remote user can cause the mail service (both POP3 and SMTP) to become unavailable and the CPU utilization on the target system to reach 100%.
Solution:   No solution was available at the time of this entry.
Vendor URL:  www.baso.no/load.asp?id=4 (Links to External Site)
Cause:   Resource error, State error
Underlying OS:  Windows (Any)

Message History:   None.


 Source Message Contents

Subject:  http://members.lycos.co.uk/r34ct/main/Baso_mail/Baso_1.24.txt


BaSoMail 1.24 DOS


Systems affected:
-----------------
BaSoMail 1.24

Risk:
-----
Low

Date:
------
30 february 2004

Legal Notice:
-------------
This Advisory is Copyright (c) 2004 r34ct team. You may distribute it unmodified.
You may not modify it and distribute it or distribute parts of it without the author's
written permission.


Description:
------------
MailServer by BaSoMail is a fully functional SMTP / POP3 server for Windows 95 / 98 / ME / 
NT / 2000, which will
let your computer turn into a email server system. It's compact and does not have any 
specific requirements. And
what is the most important- it's very easy to use. It's ideal for small firms and home 
networks.  It will take care
of all your email on a local network, whether connected to Internet or not.

Details:
--------
It is possible to create a denial of service attack on BaSoMail 1.24 server by 
establishing multiple connections(<500) on
port 25(smtp) or port 110(pop3). Cpu usage will go 100% and computer will become unusable. 
Furthermore, the mail server
will not accept new connections but it won't crash.

pr00f of concept exploit:
-------------------------
Download G0dzilla from http://members.lycos.co.uk/r34ct/


credit:
-------
Vulnerability found by: Dr_insane (dr_insane@pathfinder.gr)
Advisory by: Dr_insane (dr_insane@pathfinder.gr)
http://members.lycos.co.uk/r34ct/


-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: PGP 6.5.8

mQENA0AeNJEAAAEIAKHbCWwz5z9qANjcrme4TeH6S/G3aLlo/DLliQ0xmtKcZKNC
3icPGD3/wZrGHPAcePooACQ/uD9jEc2B7Jc7FEn43ke1zEhBuey4t7UmxEXQ17bG
uwQZHpSjx9Jvh1LO7PPHi4doKF5Hccs+YSTkV0MO9QibbKLXPQ4TBjv5Z01yoJKo
m5225jpLNYhrKixK/1J+JZK1V/7CbrhSqERtVNcWOqj/VCsVTvDZ5EIbuRTndIRE
QTXompz9mQ9vfpXToRrWHf9QXhmgcriLI8rekfGpLwNa0jrBB8wf3IMTFq85Rw6p
AaBCEnIVfHIbaRLSFnB2lmBaugc6oZiZ5hwF/HkABRG0F2RyX2luc2FuZUBwYXRo
ZmluZGVyLmdymQGiBEAeNmcRBADzJOH5jdiuHrrcY4cJoGiBKgYdtVeBrIxKmmmJ
yndZAQmLOMlTpKyfPOJ89xxrY8+3nQngRrIeyGMb9oXiy1rBZFrLWdhzuSDY/p+z
h9wVjW6C+5ny1tIchiKHccsd4tdWn0w9Sv1z0HHHJLsqkdJSu9ltzXe7EZsLpFw+
xf0e/QCg/y2PS9H8K/bojBsqp2tGEp/bhysD/jYeNQu/GcL1nnMZ56uzaBs0hGIz
qndVABOiDxfbJ14Qws836lGA7GzJYjz6YqgVl0rzmnUmd0BKL+Z/rlg04z6P6pU9
Yt2FslwfkUX9/gMDlMC3JlFn+9wjy+Qnr1g1BoauTsHgUukc3cZYEozJj0rMTdpj
DfSJWAY/spQA3Km5A/95/1xrUa1TT1sSSBZw8MiHUheLP83G0sXeEHBueZze+pyj
T5Y9VVdvMJ9gdM7h6qH20Xwof78MVWLhL+TdQQBoSSL2jYhylUIcl0Np/ASJDcwF
J4+9M6dl79IPiXL/bLt0cqOTD9PVzKAvLv3gNhXGd5K+m4Y9iAj1bKtJh6VDILQX
ZHJfaW5zYW5lQHBhdGhmaW5kZXIuZ3KJAE4EEBECAA4FAkAeNmcECwMBAgIZAQAK
CRB/Gs3qanZtAtCVAKCJYgrjYduhsJ6GFxmESyNSYo2IOQCeL/I95jCuUUOxGk8l
td00CK24ARu5Aw0EQB42aRAMAMwdd1ckOErixPDojhNnl06SE2H22+slDhf99pj3
yHx5sHIdOHX79sFzxIMRJitDYMPj6NYK/aEoJguuqa6zZQ+iAFMBoHzWq6MSHvoP
Ks4fdIRPyvMX86RA6dfSd7ZCLQI2wSbLaF6dfJgJCo1+Le3kXXn11JJPmxiO/Cqn
S3wy9kJXtwh/CBdyorrWqULzBej5UxE5T7bxbrlLOCDaAadWoxTpj0BV89AHxstD
qZSt90xkhkn4DIO9ZekX1KHTUPj1WV/cdlJPPT2N286Z4VeSWc39uK50T8X8dryD
xUcwYc58yWb/Ffm7/ZFexwGq01uejaClcjrUGvC/RgBYK+X0iP1YTknbzSC0neSR
BzZrM2w4DUUdD3yIsxx8Wy2O9vPJI8BD8KVbGI2Ou1WMuF040zT9fBdXQ6MdGGze
MyEstSr/POGxKUAYEY18hKcKctaGxAMZyAcpesqVDNmWn6vQClCbAkbTCD1mpF1B
n5x8vYlLIhkmuquiXsNV6UwybwACAgv/duApQ25X5fITpfuUeiPLiLHWriS6/VhO
gFTLzi9eOqt2a+54pfFCaYEijETw5iaduMwGk0PHDg4SpFg0qt6Jxw3z1XUSvfI7
QO1HCtZWJ/jd/Tas82TAt13yzTdyHnvBLUIElfRzjqHy4SUnHRPK7Y8DBbMgfv55
bAeug3BAou1CjcAF6Q9mQ3CWBCaCe8XgRUeke2ftCMtwPT/5Xx+ZJYtibcJsIBSl
EcbUZw4NBf9QU/E0D1H99AoRndViJ/tr13sHvOFTqabRdcFW3fKDb9xK+c8SvZ4G
bMgSyexGTtgiugCK4B6Nf+EWPqJ2bJFOrt73U1GWOznbkAQX2/RE+mT6W4/Sqx5R
YtD6DfzXWcvmQiI7yxD8jvO5ngnIZdJ9nwOcfYeaXbGAKkH9V+pIZ3NtJm+aB9YW
bLbZkXHF3UH3CnU9tcLEOPyUdfOEfiB19Ci8ABSg8P9fB6ygFZ0ebC1bNJ7wSIZJ
pNY5Q84TfCrs8BSZOO/gXBKkIVrNgDroiQBGBBgRAgAGBQJAHjZpAAoJEH8azepq
dm0CjJgAoLpsuV1hVD5COQc6+QarR0VEbx4OAJ9shB9hU8HnxdGIa9C1CLO/jRB+
uA==
=HvIP
-----END PGP PUBLIC KEY BLOCK-----

 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2020, SecurityGlobal.net LLC