MDaemon SMTP server can be crashed with a long HELO
| mdaemon-helo-bo (1834) |  Medium Risk |
Description:
MDaemon could allow a remote attacker to crash the server by sending a HELO command with a very large argument. To regain normal functionality, the server must be manually restarted.
Platforms Affected:
- Alt-N, MDaemon
- Microsoft, Windows
Remedy:
Upgrade to the latest version of MDaemon (2.7.1, SP2 or later), available from the MDaemon Download Page. See References.
Consequences:
Denial of Service
References:
- BugTraq Mailing List, Wed, 11 Mar 1998 00:44:45 -0600, MDaemon SMTP Server Buffer Overflow's at http://archives.neohapsis.com/archives/bugtraq/1998_1/0374.html.
- MDaemon Download Page, MDaemon POP3/SMTP Server for Windows at http://www.mdaemon.com/download.cfm.
- Rootshell Web site, MDaemon buffer overflow at http://www.rootshell.com/archive-j457nxiqi3gq59dv/199803/mdaemon.c.html.
- BID-8622: Alt-N MDaemon Server SMTP HELO Argument Buffer Overflow Vulnerability
- CVE-1999-0284: Denial of service to NT mail servers including Ipswitch, Mdaemon, and Exchange through a buffer overflow in the SMTP HELO command.
Reported:
Mar 11, 1998
The information within this database may change without notice. Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the author/distributor (IBM Internet Security Systems X-Force) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.
For corrections or additions please email xforce@iss.net