[14296] in bugtraq
Local / Remote DoS Attack in MERCUR WebView WebMail-Client 1.0
daemon@ATHENA.MIT.EDU (Ussr Labs)
Thu Mar 16 19:38:42 2000
Mime-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Message-Id: <NCBBKFKDOLAGKIAPMILPOEBJCDAA.labs@ussrback.com>
Date: Wed, 15 Mar 2000 13:04:37 -0300
Reply-To: Ussr Labs <labs@USSRBACK.COM>
From: Ussr Labs <labs@USSRBACK.COM>
X-To: BUGTRAQ <bugtraq@securityfocus.com>
To: BUGTRAQ@SECURITYFOCUS.COM
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Local / Remote DoS Attack in MERCUR WebView WebMail-Client 1.0 for
Windows 98/NT Vulnerability
USSR Advisory Code: USSR-2000036
Release Date:
March 16, 2000
Systems Affected:
MERCUR WebMail-Client Version 1.0 port (1080)
THE PROBLEM
UssrLabs found a buffer overflow in MERCUR WebView WebMail-Client 1.0
where they
do not use proper bounds checking in the code who handle the GET
commands
The following all result in a Denial of Service against the service
in question.
Example:
http://hostip:1080/mmain.html&mail_user=(buffer)
Where [buffer] is aprox. 1000 characters. (0)
Binary or source for this Exploit:
http://www.ussrback.com/
Exploit:
the Exploit, crash the remote machine service WebMail
Vendor Status:
informed
Vendor Url: http://www.atrium-software.com
Program Url: http://www.atrium-software.com/mercur/webview_e.html
Credit: USSRLABS
SOLUTION
Noting yet.
Greetings:
Eeye, Attrition, w00w00, beavuh, Rhino9, ADM, HNN, Technotronic and
Wiretrip.
-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.2 for non-commercial use <http://www.pgp.com>
iQA/AwUBOM+0lKVRYEYcg938EQLq4QCePdgf0R2IJe+Aj6B2vITCMRqXQ0AAoMlG
XqMksVbiVGmBkidwiwwWlSVc
=Aem+
-----END PGP SIGNATURE-----
