Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

imonitor.txt

🗓️ 07 Jan 2000 00:00:00Reported by Underground Security Systems ResearchType 
packetstorm
 packetstorm🔗 packetstormsecurity.com👁 27 Views

Local and remote Denial of Service attack vulnerability in IMail IMONITOR Server Version 5.08.

Code
`-----BEGIN PGP SIGNED MESSAGE-----  
Hash: SHA1  
  
Local / Remote D.o.S Attack in IMail IMONITOR Server for WinNT  
Version 5.08  
  
USSR Advisory Code: USSR-2000030  
  
Release Date:  
January 05, 2000  
  
Systems Affected:  
IMail IMONITOR (PORT 8181) Server for WinNT Version 5.08 and maybe  
other versions.  
IMail Server for WinNT Version 6.0 is not public, so I can't test it  
:(, anyway, I think it's vulnerable.  
  
About The Software:  
Mail Server is the choice of Business, Schools, and Service  
Providers. Unlike Microsoft Exchange and Lotus Notes, which are  
costly to deploy and cumbersome to administer, IMail Server is easy  
to install and easy to manage. It has a fixed cost and is scalable to  
thousands of users per server.  
  
THE PROBLEM  
  
UssrLabs found a bug, in the Imail Imonitor Service, Vulneravility is  
in a Cgi-Script (status.cgi), this Script checks if the Server  
Services is  
runing (and it spends too much Cpu in this operation we might add),  
if you execute the status.cgi, lots of times in a short time the  
Imail Imonitor will  
crash with an "Invalid Memory Address", and our friend DrWatson tells  
us  
to close the program :).  
  
Example:  
Open In Internet Explorer: http://ServerIp:8181/status.cgi  
And you will See something like this.  
  
|---------------------------------|  
|Service | Status |  
|SMTP | UP |  
|POP3 | UP |  
|DNS | UP |  
|WEB | UP |  
|TELNET | UP |  
|FTP | UP |  
|03:33:00 | 03:32:00 |  
|________|________|  
refresh  
  
if you Run the Status.cgi lots of times, the server will crash.  
  
Binary or source for this Exploit:   
  
http://www.ussrback.com/  
  
  
Do you do the w00w00?  
This advisory also acts as part of w00giving. This is another  
contribution to w00giving for all you w00nderful people out there.  
You do know what w00giving is don't you?   
http://www.w00w00.org/advisories.html  
  
Vendor Status:  
Informed, tracking number for this inquiry is IMS2000010500000096.  
  
Vendor Url: http://www.ipswitch.com  
Program Url: http://www.ipswitch.com/Products/IMail_Server/index.asp  
  
Credit: USSRLABS  
  
SOLUTION  
Noting yet :(  
  
Greetings:  
Eeye, Attrition, w00w00, beavuh, Rhino9, ADM, L0pht, HNN,  
Technotronic and  
Wiretrip.  
  
u n d e r g r o u n d s e c u r i t y s y s t e m s r e s e a r c  
h  
http://www.ussrback.com  
  
  
-----BEGIN PGP SIGNATURE-----  
Version: PGPfreeware 6.5.2 for non-commercial use <http://www.pgp.com>  
  
iQA/AwUBOHMJMdybEYfHhkiVEQI+igCeO62+Ksc+o+ZXX2How02XnJozmGAAoPOi  
faPbyW+VQ+RzOt2cybbvR1N2  
=znTb  
-----END PGP SIGNATURE-----  
  
  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
07 Jan 2000 00:00Current
7.4High risk
Vulners AI Score7.4
denial of service attackimail imonitorvulnerabilitycgi scriptserver crashussr advisory.
27