Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

csm.dos.txt

🗓️ 31 Dec 1999 00:00:00Reported by Underground Security Systems ResearchType 
packetstorm
 packetstorm🔗 packetstormsecurity.com👁 24 Views

Local/Remote D.o.S attack vulnerability in CSM Mail Server for Windows 95/NT identified.

Code
`Local / Remote D.o.S Attack in CSM Mail Server for Windows 95/NT  
v.2000.08.A  
  
USSR Advisory Code: USSR-99027  
  
Release Date:  
December 29, 1999 [3/5]  
  
Systems Affected:  
CSM Mail Server for Windows 95/NT and others old versions.  
Version: 2000-01A  
Version: 1999-07M  
Version: 1999-07I  
Version: 1999-07H  
Version: 1999-07G  
Version: 1999-07F  
Version: 1999-07b  
  
About The Software:  
CSM Mail Server for Windows 95/NT allows:  
* FIREWALL is usefull to reject unwanted calls to the SMTP server.  
* ANTI-SPAMMING is usefull to reject unwanted messages.  
* To define VIRTUAL DOMAINS which are physically manage by the  
server itself.  
* To define SECONDARY DOMAINS which are physically managed by the  
same or another server computer.  
* To ROUTE (send or receive) messages between itself and the Internet.  
* To ROUTE (send via SMTP) received message to the secondary domains.  
* To TRANSFER (send or receive) messages between itself and the  
worktations attached to the local area network (LAN).  
* To MANAGE the user mailboxes.  
* To DISRIBUTE the messages in the mailboxes.  
* It can be installed behind a Firewall or a CSM Proxy server.  
  
THE PROBLEM  
  
UssrLabs found a Local / Remote Buffer overflow,and maybe remotely  
exploitable buffer overflow,  
the overflow is caused by a (long HELO) in the login procedure.  
  
Example:  
[[email protected]$ telnet example.com 25  
Trying example.com...  
Connected to example.com.  
Escape character is '^]'.  
220 SMTP CSM Mail Server ready at ServerName.com (Version 2000.08.A -  
NT.4.0.1381)  
helo [buffer]  
  
Where [buffer] is aprox. 12000 characters. At his point the server overflows  
and crashes.  
  
  
Do you do the w00w00?  
This advisory also acts as part of w00giving. This is another contribution  
to w00giving for all you w00nderful people out there. You do know what  
w00giving is don't you? http://www.w00w00.org/advisories.html  
  
Vendor Status:  
Informed.  
  
Vendor Url: http://www.csm-usa.com  
Program Url: http://www.csm-usa.com/product/mailsrvr/  
  
Credit: USSRLABS  
  
SOLUTION  
Noting yet :(  
  
Greetings:  
Eeye, Attrition, w00w00, beavuh, Rhino9, ADM, L0pht, HNN, Technotronic and  
Wiretrip.  
  
About the Ussrback.com Web Page, yesterday we take the web site offline we  
are moving to a new server,  
the web still down for 2 days more (dns changes).  
  
u n d e r g r o u n d s e c u r i t y s y s t e m s r e s e a r c h  
http://www.ussrback.com  
  
  
  
`

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
31 Dec 1999 00:00Current
csm mail serverd.o.s attackbuffer overflowremote exploitsystem vulnerabilitysecurity advisory.
24