Bugtraq mailing list archives
Local / Remote Remote DoS Attack in Rover POP3 Server V1.1 NT From aVirt
From: labs () USSRBACK COM (Ussr Labs)
Date: Mon, 27 Dec 1999 19:24:36 -0300
Local / Remote Remote DoS Attack in Rover POP3 Server V1.1 NT From aVirt USSR Advisory Code: USSR-99025 Release Date: December 27, 1999 [1/5] Systems Affected: Rover POP3 Server V1.1 NT and possibly others versions. About The Software: Rover POP3 Server V1.1 NT From aVirt, is a full-featured Internet/Intranet server software package that includes: POP3, and SMTP ( Ports 25/110 ) THE PROBLEM UssrLabs found a Local / Remote Buffer overflow,the buffer overflow is caused by a long user name, 10000 characters, and the re-connection to the Server. Do you do the w00w00? This advisory also acts as part of w00giving. This is another contribution to w00giving for all you w00nderful people out there. You do know what w00giving is don't you? http://www.w00w00.org/advisories.html Binary or source for this Dos: http://www.ussrback.com/ Vendor Status: Contacted. Vendor Url: http://www.avirt.com/ Program Url: http://www.avirt.com/ Credit: USSRLABS SOLUTION Upgrade to: Avirt Mail 3.5 or Avirt Mail v4 RC1 (Rover now is a discontinued Program). Greetings: Eeye, Attrition, w00w00, beavuh, Rhino9, ADM, L0pht, HNN, Technotronic and Wiretrip. u n d e r g r o u n d s e c u r i t y s y s t e m s r e s e a r c h http://www.ussrback.com
Current thread:
- Local / Remote Remote DoS Attack in Rover POP3 Server V1.1 NT From aVirt Ussr Labs (Dec 27)
- Remote DoS/Access Attack in Internet Anywhere Mail Server(POP 3) v2.3.1 Steven Alexander (Dec 27)
- Trend Micro InterScan VirusWall SMTP bug asl () USA ALCATEL COM (Dec 27)
- L0pht Advisory: initscripts-4.48-1 RedHat Linux 6.1 Mudge (Dec 27)
- UnixWare local pis exploit Brock Tellier (Dec 27)
- Third Party Software Affected by IIS "Escape Character Parsing" V ulnerability Microsoft Product Security Response Team (Dec 28)
- majordomo local exploit Brock Tellier (Dec 28)
- $cf Security flaw Shevek (Dec 02)
- Re: majordomo local exploit Christopher Schulte (Dec 28)
- Re: majordomo local exploit Todd C. Miller (Dec 28)
- AltaVista rudi carell (Dec 29)
(Thread continues...)