[12483] in bugtraq
Re: Interscan VirusWall NT 3.23/3.3 buffer overflow.
daemon@ATHENA.MIT.EDU (Bob Li)
Mon Nov 8 18:36:39 1999
Mime-Version: 1.0
Content-Type: text/plain; charset="windows-1252"
Message-Id: <D129BBE1730AD2118A0300805FC1C2FE0456ABCB@209-76-212-10.trendmicro.com>
Date: Mon, 8 Nov 1999 14:16:42 -0800
Reply-To: Bob Li <Bob_Li@TRENDMICRO.COM>
From: Bob Li <Bob_Li@TRENDMICRO.COM>
X-To: BUGTRAQ@SECURITYFOCUS.COM
To: BUGTRAQ@SECURITYFOCUS.COM
Just to keep everyone updated, Trend has examined the exploit and is
currently in the process of testing an official patch for this problem.
This should be available within a few hours at most.
Thank you,
Bob Li
Product Manager
Trend Micro, Inc.
E-Mail: bob_li@trendmicro.com
Phone: 408-863-6341
-----Original Message-----
From: dark spyrit [mailto:dspyrit@BEAVUH.ORG]
Sent: Sunday, November 07, 1999 4:52 AM
To: BUGTRAQ@SECURITYFOCUS.COM
Subject: Interscan VirusWall NT 3.23/3.3 buffer overflow.
A buffer overflow exists on the VirusWall smtp gateway - by sending a long
HELO command you can overflow the buffer and execute arbitrary code.
Example code has been written which will spawn a command prompt on a port
you specify.
Before you shrug this one off, take a look:
Connected to mail1.microsoft.com.
Escape character is '^]'.
220 mail1.microsoft.com InterScan VirusWall NT ESMTP 3.23 (build 9/10/99)
ready
at Sun, 07 Nov 1999 03:38:44 -0800 (Pacific Standard Time)
The ironic thing here is, VirusWall was designed to prevent viruses and
'malicious code'.
Obviously not a lot of thought was taken before laying their trust into
3rd party 'security' products.
A quick note to the millions out there who would give their right arm to
compromise microsofts network - sorry, their firewall would prevent the
payload from spawning a remote shell.. unless of course it was modified to
stop an existing service to open a port :)
Exploit source and binary is available at http://www.beavuh.org.
Credit to Liraz Siri for bringing this to our attention.
Hi to eEye/w00w00/teso.
dark spyrit
http://www.beavuh.org - bend over and pray.
