[18339] in bugtraq
Re: Infinite InterChange DoS
daemon@ATHENA.MIT.EDU (SNS Research)
Sun Dec 24 19:07:55 2000
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-ID: <12110913953.20001223000552@greyhack.com>
Date: Sat, 23 Dec 2000 00:05:52 +0100
Reply-To: SNS Research <vuln-dev@greyhack.com>
From: SNS Research <vuln-dev@greyhack.com>
X-To: "CHIU, Wai Pun" <wpchiu@ied.edu.hk>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <AF2F16A7F572D21193A200805F318EF301CFE5C7@ws-44-16.ied.edu.hk>
>An much easily way, if you have account to the system, is to send email with
>very long subject string.
>I did not have time to check if this also caused the same bug or not.
>Anyway, this buy is discovered one years ago and Infinite fixed it within
>three day after my report by version 3.61.
We tested this particular one against 3.61, which was found
vulnerable. The nature is probably the same though. We'd like to note
that we've received a reply from the vendor confirming this issue now.
A fix will be made availble from the vendor's website
http://www.infinte.com / http://www.ihub.com soon.
Happy holidays to all of you, have a safe new year :P
Scsi-bear
SNS Research
