interchange.txt

`Strumpf Noir Society Advisories  
! Public release !  
<--#  
  
  
-= Infinite InterChange DoS =-  
  
Release date: Thursday, 21 December, 2000  
  
  
Introduction:  
  
Infinite InterChange is a Win95/98/NT/2k mailserver for organizations that need  
to expand their network messaging. Infinite InterChange has many functions,  
ranging from standalone mailserver to Internet gateway.  
  
InterChange can be found at vendor Infinite's website, http://www.ihub.com  
  
  
Problem:  
  
One of Interchange's main features is a popular webmail interface. This interfa  
ce  
and it's supporting HTTP server are subject to a Denial of Service attack throu  
gh  
a malformed POST request.  
  
  
Problem:  
  
The HTTP server coming with InterChange contains an overflow in the POST comman  
d.  
Submitting a specially crafted POST request comprised of 963 bytes or more to t  
he  
server's HTTP port will cause the program to crash.  
  
This can be as simple as:  
  
telnet victim 80  
GET aaa(963+ bytes) HTTP/1.0  
  
At which point the server-process will die.  
  
  
(..)  
  
  
Solution:  
  
Vendor has been notified. This was tested against Infinite InterChange 3.61.  
  
  
Note:  
  
In our correspondence with the vendor another problem was not reproducable, so  
no  
resources were devoted to both. Though this is partially understandable, we reg  
ret  
this decision since it leaves us no means of predicting when above will be fixe  
d.  
  
  
yadayadayada  
  
SNS Research is rfpolicy (http://www.wiretrip.net/rfp/policy.html)  
compliant, all information is provided on AS IS basis.  
  
EOF, but Strumpf Noir Society will return!  
`