Reporter Underground Security Systems Research
Local / Remote Remote DoS Attack in Rover POP3 Server V1.1 NT From aVirt
USSR Advisory Code: USSR-99025
December 27, 1999 [1/5]
Rover POP3 Server V1.1 NT and possibly others versions.
About The Software:
Rover POP3 Server V1.1 NT From aVirt, is a full-featured Internet/Intranet
package that includes: POP3, and SMTP ( Ports 25/110 )
UssrLabs found a Local / Remote Buffer overflow,the buffer overflow is
caused by a long user name, 10000 characters, and the re-connection
to the Server.
Do you do the w00w00?
This advisory also acts as part of w00giving. This is another contribution
to w00giving for all you w00nderful people out there. You do know what
w00giving is don't you? http://www.w00w00.org/advisories.html
Binary or source for this Dos:
Vendor Url: http://www.avirt.com/
Program Url: http://www.avirt.com/
Upgrade to: Avirt Mail 3.5 or Avirt Mail v4 RC1 (Rover now is a discontinued
Eeye, Attrition, w00w00, beavuh, Rhino9, ADM, L0pht, HNN, Technotronic and
u n d e r g r o u n d s e c u r i t y s y s t e m s r e s e a r c h