SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (E-mail Server)  >   INweb Mail Server Vendors:   INweb ApS
INweb Mail Lets Remote Users Deny Service By Multiple Connections in Rapid Succession
SecurityTracker Alert ID:  1010680
SecurityTracker URL:  http://securitytracker.com/id/1010680
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Jul 13 2004
Impact:   Denial of service via network
Exploit Included:  Yes  
Version(s): 2.40
Description:   A vulnerability was reported in the INweb Mail Server. A remote user can cause denial of service conditions.

Dr_insane reported that a remote user can establish and close 600 connections in rapid succession to cause the target service to crash. The POP3 and SMTP ports are affected, the report said.

The original advisory is available at:

http://members.lycos.co.uk/r34ct/main/inwebmail.txt

Impact:   A remote user can cause the target mail service to crash.
Solution:   No solution was available at the time of this entry.
Vendor URL:  www.inwebmail.com/ (Links to External Site)
Cause:   State error
Underlying OS:  Windows (Any)

Message History:   None.


 Source Message Contents

Subject:  http://members.lycos.co.uk/r34ct/main/inwebmail.txt


http://members.lycos.co.uk/r34ct/main/inwebmail.txt

+++++++++++++++++++++++++++++++++++++++++++
+ InWebMAil 2.40 server Denial of Service +
+++++++++++++++++++++++++++++++++++++++++++

Release date:
12/07/2004

Systems affected:
Windows 9x
windows XP
Windows 2000
windows NT

Description:
The INweb Mail Server is a standard Internet POP3 and SMTP mail server that runs 
flawlessly under Windows
2000 and NT and other windows platforms.The INweb Mail Server is aggressively priced, 
robust, user friendly
and full featured. It is very easy to install - 10 minutes should do it!The INweb Mail 
Server provides
numerous unique features for both small and large businesses, as well as ISPs.This 
includes many facilities
to handle spam and viruses!

There is a security issue in Inwebmail 2.40 which can be exploited by malicious people to 
create a denial
of service attack. A succesfull attack will crash the server.

The issue is caused due to an error in the connection handling, which can be exploited by 
establishing
about 600 connections.

In order to crash the server you have to create 600 connections with the POP3 or SMTP services
very fast (disconnect and connect many times). A good idea would be to code a script to 
execute these
actions. If you want you can download G0dZilla for www.r34ct.tk to test it.


0042DF8F   mov         eax,dword ptr [edi]
0042DF91   mov         dword ptr [esi+0Ch],eax
0042DF94   call        dword ptr ds:[4522D8h]
0042DF9A   mov         ecx,dword ptr [ebp-0Ch]
0042DF9D   mov         eax,edi
0042DF9F   pop         edi
0042DFA0   pop         esi
0042DFA1   mov         dword ptr fs:[0],ecx
0042DFA8   pop         ebx
0042DFA9   leave
0042DFAA   ret
0042DFAB   mov         eax,dword ptr [ebp-14h]
0042DFAE   add         eax,10h
0042DFB1   push        eax
0042DFB2   call        dword ptr ds:[4522D8h]
0042DFB8   push        0
0042DFBA   push        0
0042DFBC   call        00431F5E
0042DFC1   push        esi
0042DFC2   push        edi
0042DFC3   mov         edi,dword ptr [esp+0Ch]
0042DFC7   mov         esi,ecx
0042DFC9   test        edi,edi
0042DFCB   je          0042DFE8
0042DFCD   push        ebx
0042DFCE   lea         ebx,[esi+10h]
0042DFD1   push        ebx


Workaround:
Use another product.


Credit:
Dr_insane
Http://members.lycos.co.uk/r34ct/


Feedback
Please send your comments to: dr_insane@pathfinder.gr



 
 


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2020, SecurityGlobal.net LLC