Inframail Denial of Service Vulnerability

[SNS Research <vuln-dev () greyhack com>]

Strumpf Noir Society Advisories
! Public release !
<--#


-= Inframail Denial of Service Vulnerability =-

Release date: Wednesday, March 28, 2001


Introduction:

Inframail is an advanced SMTP, POP, HTTP and FTP server solution
available in 3 editions (Home, Small Business and Advantage) for
MS Windows 9x/NT/2k and Linux.

Inframail is available from vendor Infradig's website:
http://www.infradig.com


Problem:

There exists a paring problem in the handling of 302 pages by the
server serving both the webpages and the administration interface for
the members of the Inframail product family.

This allows for a DoS against the system through a malformed POST
request consisting of a space followed by a long string (276 bytes
or more) of characters. The running services will freeze and the
program will need to be restarted to regain full functionality.


DoS example on the default HTTP port (80):

# telnet victim 80
POST / Ax276 bytes/ HTTP/1.1

after which the running services freeze. The same effect can be
witnessed when running above on the administration port (default 81).


(..)


Solution:

Vendor has been notified and has corrected this issue. A new release
(v3.98a) of this product has been made available from the vendor's
website.

This was tested against Inframail v3.97a running on MS Windows NT.


yadayadayada

Free sk8! (http://www.freesk8.org)

SNS Research is rfpolicy (http://www.wiretrip.net/rfp/policy.html)
compliant, all information is provided on AS IS basis.

EOF, but Strumpf Noir Society will return!