ID OSVDB:5970 Type osvdb Reporter Chris Wedgwood(chris@cybernet.co.nz) Modified 1998-04-08T13:11:17
Description
Vulnerability Description
AppleShare IP Mail Server contains a flaw that allows a remote attacker to crash the server. The issue is due to a buffer overflow condition in the SMTP service. By sending a HELO command containing 1024 or more characters to port 25, an attacker will crash the server.
Solution Description
Upgrade to version 5.0.4, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.
Short Description
AppleShare IP Mail Server contains a flaw that allows a remote attacker to crash the server. The issue is due to a buffer overflow condition in the SMTP service. By sending a HELO command containing 1024 or more characters to port 25, an attacker will crash the server.
{"type": "osvdb", "published": "1998-04-08T13:11:17", "href": "https://vulners.com/osvdb/OSVDB:5970", "hashmap": [{"key": "affectedSoftware", "hash": "8ca19e91a8b629e4354513445596b8ed"}, {"key": "bulletinFamily", "hash": "f9fa10ba956cacf91d7878861139efb9"}, {"key": "cvelist", "hash": "759d77d2cd477203cd943a02405a7cf2"}, {"key": "cvss", "hash": "84813b1457b92d6ba1174abffbb83a2f"}, {"key": "description", "hash": "24d0d8521686de45d97b3bf5bc99f23d"}, {"key": "href", "hash": "df796250c6e6bda374f8df5dbeb13e7d"}, {"key": "modified", "hash": "2988c0b4f32a9298fb56f87e9142e8f3"}, {"key": "objectVersion", "hash": "56765472680401499c79732468ba4340"}, {"key": "published", "hash": "2988c0b4f32a9298fb56f87e9142e8f3"}, {"key": "references", "hash": "d41d8cd98f00b204e9800998ecf8427e"}, {"key": "reporter", "hash": "ed380dbcd5bd646c4eb656c8f9dc874e"}, {"key": "title", "hash": "b8ac8d95c95f81934386006619e9cd05"}, {"key": "type", "hash": "1327ac71f7914948578f08c54f772b10"}], "bulletinFamily": "software", "cvss": {"vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/", "score": 5.0}, "viewCount": 0, "history": [], "edition": 1, "objectVersion": "1.2", "reporter": "Chris Wedgwood(chris@cybernet.co.nz)", "title": "AppleShare IP Mail Server Long HELO Overflow", "affectedSoftware": [{"operator": "eq", "version": "5.0.3", "name": "AppleShare IP Mail Server"}], "enchantments": {"vulnersScore": 7.5}, "references": [], "id": "OSVDB:5970", "hash": "13266377f995e3e4cdb973d5a3dea2584dae259267ae6521d3a391a5dd41347b", "lastseen": "2017-04-28T13:20:00", "cvelist": ["CVE-1999-1015"], "modified": "1998-04-08T13:11:17", "description": "## Vulnerability Description\nAppleShare IP Mail Server contains a flaw that allows a remote attacker to crash the server. The issue is due to a buffer overflow condition in the SMTP service. By sending a HELO command containing 1024 or more characters to port 25, an attacker will crash the server.\n## Solution Description\nUpgrade to version 5.0.4, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## Short Description\nAppleShare IP Mail Server contains a flaw that allows a remote attacker to crash the server. The issue is due to a buffer overflow condition in the SMTP service. By sending a HELO command containing 1024 or more characters to port 25, an attacker will crash the server.\n## References:\n[Vendor Specific Advisory URL](http://developer.apple.com/devnews/devnews050898.html)\n[Related OSVDB ID: 5969](https://vulners.com/osvdb/OSVDB:5969)\n[Related OSVDB ID: 6023](https://vulners.com/osvdb/OSVDB:6023)\n[Related OSVDB ID: 6031](https://vulners.com/osvdb/OSVDB:6031)\n[Related OSVDB ID: 6034](https://vulners.com/osvdb/OSVDB:6034)\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/1998_2/0039.html\nISS X-Force ID: 886\n[CVE-1999-1015](https://vulners.com/cve/CVE-1999-1015)\nBugtraq ID: 0061\n"}
{"result": {"cve": [{"id": "CVE-1999-1015", "type": "cve", "title": "CVE-1999-1015", "description": "Buffer overflow in Apple AppleShare Mail Server 5.0.3 on MacOS 8.1 and earlier allows a remote attacker to cause a denial of service (crash) via a long HELO command.", "published": "1998-04-08T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-1999-1015", "cvelist": ["CVE-1999-1015"], "lastseen": "2017-11-25T11:32:45"}], "exploitdb": [{"id": "EDB-ID:19046", "type": "exploitdb", "title": "AppleShare IP Mail Server 5.0.3 - Buffer Overflow Vulnerability", "description": "AppleShare IP Mail Server 5.0.3 Buffer Overflow Vulnerability. CVE-1999-1015. Dos exploit for aix platform", "published": "1999-10-15T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://www.exploit-db.com/exploits/19046/", "cvelist": ["CVE-1999-1015"], "lastseen": "2016-02-02T10:57:47"}], "osvdb": [{"id": "OSVDB:7032", "type": "osvdb", "title": "AppleShare IP Mail Server HELO Overflow DoS", "description": "## Vulnerability Description\nA remote overflow exists in AppleShare IP Mail Server. The HELO command fails to validate input resulting in a buffer overflow. With a specially crafted request, an attacker can cause a denial of service resulting in a loss of availability.\n## Solution Description\nCurrently, there are no known upgrades, patches, or workarounds available to correct this issue.\n## Short Description\nA remote overflow exists in AppleShare IP Mail Server. The HELO command fails to validate input resulting in a buffer overflow. With a specially crafted request, an attacker can cause a denial of service resulting in a loss of availability.\n## Manual Testing Notes\n$ telnet [victim] 25\nTrying 1.2.3.4...\nConnected to some.where.\nEscape character is '^]'.\n220 some.where AppleShare IP Mail Server 5.0.3 SMTP Server Ready\nHELO XXXXXXXXXXX[....several hundered of these....]XXXXXXXX\n[ and it just hangs ]\n## References:\nMail List Post: http://marc.theaimsgroup.com/?l=bugtraq&m=89200657216213&w=2\n[CVE-1999-1015](https://vulners.com/cve/CVE-1999-1015)\nBugtraq ID: 61\n", "published": "1998-04-08T00:00:00", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:NONE/I:NONE/A:PARTIAL/"}, "href": "https://vulners.com/osvdb/OSVDB:7032", "cvelist": ["CVE-1999-1015"], "lastseen": "2017-04-28T13:20:02"}, {"id": "OSVDB:5855", "type": "osvdb", "title": "Multiple MTA Long HELO Overflow", "description": "## Vulnerability Description\nA remote overflow exists in multiple Mail Transfer Agents (MTA). The 'HELO' command fails to perform proper bounds checking resulting in a buffer overflow. With an overly long request to the command, a remote attacker can cause the SMTP service to crash resulting in a loss of availability.\n## Solution Description\nContact your vendor for an appropriate upgrade. An upgrade is required as there are no known workarounds.\n## Short Description\nA remote overflow exists in multiple Mail Transfer Agents (MTA). The 'HELO' command fails to perform proper bounds checking resulting in a buffer overflow. With an overly long request to the command, a remote attacker can cause the SMTP service to crash resulting in a loss of availability.\n## References:\nVendor URL: http://www.microsoft.com/\nVendor URL: http://www.seattlelab.com/\nVendor URL: http://www.stalker.com/content/default.html\nVendor URL: http://www.ipswitch.com/\nVendor URL: http://www.apple.com/\nOther Advisory URL: http://www.eeye.com/html/Research/Advisories/AD19990204.html\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/1998_2/0039.html\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/1998_2/0046.html\nMail List Post: http://archives.neohapsis.com/archives/bugtraq/1998_2/0040.html\nISS X-Force ID: 886\n[CVE-1999-1015](https://vulners.com/cve/CVE-1999-1015)\n[CVE-1999-0284](https://vulners.com/cve/CVE-1999-0284)\n[CVE-1999-1504](https://vulners.com/cve/CVE-1999-1504)\nBugtraq ID: 8555\nBugtraq ID: 62\nBugtraq ID: 8621\nBugtraq ID: 61\n", "published": "1998-04-08T00:00:00", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "href": "https://vulners.com/osvdb/OSVDB:5855", "cvelist": ["CVE-1999-1504", "CVE-1999-1015", "CVE-1999-0284"], "lastseen": "2017-04-28T13:20:00"}], "nessus": [{"id": "SMTP_HELO.NASL", "type": "nessus", "title": "Multiple MTA HELO Command Remote Overflow", "description": "The remote SMTP server seems to allow remote users to send mail anonymously by providing arguments that are too long to the HELO command (more than 1024 chars).\n\nThis problem may allow malicious users to send unsolicited mail (i.e., SPAM) or threatening mail using the server, and keep their anonymity.", "published": "1999-08-18T00:00:00", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}, "href": "https://www.tenable.com/plugins/index.php?view=single&id=10260", "cvelist": ["CVE-1999-0098", "CVE-1999-1504", "CVE-1999-1015"], "lastseen": "2016-12-10T05:38:21"}]}}