[AJECT] NoticeWare IMAP Email Server 4.6.2 DoS vulnerability
- To: bugtraq@xxxxxxxxxxxxxxxxx, vuldb@xxxxxxxxxxxxxxxxx
- Subject: [AJECT] NoticeWare IMAP Email Server 4.6.2 DoS vulnerability
- From: João Antunes <jantunes@xxxxxxxxxxx>
- Date: Fri, 8 Aug 2008 11:41:13 +0100
- Sender: João Antunes <jasantunes@xxxxxxxxx>
----------------------------------------
Synopsis
----------------------------------------
NoticeWare Email Server NG 4.6.2 is vulnerable to denial-of-service
(DoS) attacks.
The IMAP server crashes after receiving several large LOGIN messages.
Product: NoticeWare Email Server NG
Version: 4.6.3 and probably the older versions
Vendor: NoticeWare Corporation (www.noticeware.com)
Type: Denial-of-service
Risk: service disruption
Remote: Yes
Discovered by: João Antunes (AJECT -- Attack Injection Tool) on 04/Jun/2008
Exploit: Not Available
Solution: Not Available
Status: Developers were contacted and corrected the software in
version 5.1
----------------------------------------
Vulnerability Description
----------------------------------------
The vulnerability can be triggered by sending over 40 LOGIN messages
to the IMAP server:
A001 LOGIN Ax5000 AAAAA
Depending on the number of repeated messages (probably related to the
server resources) this will crash the server. Successful exploitation
results in a remote denial of service.
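
A detection sketch for the pattern described above, added here as an example; it is not part of the original advisory or of AJECT. It counts LOGIN commands with oversized arguments per client in a proxy or server log. The log format (`<client-ip> <raw IMAP command line>`), both thresholds and the sample addresses are assumptions.

```python
import re
from collections import Counter

# Assumed thresholds (not from the advisory); tune to your environment.
MAX_ARG_LEN = 1024   # longest LOGIN argument treated as normal
ALERT_COUNT = 10     # oversized LOGINs per client before alerting

# Assumed log format: "<client-ip> <tag> LOGIN <arguments>"
LOGIN_RE = re.compile(
    r'^(?P<ip>\S+)\s+(?P<tag>\S+)\s+LOGIN\s+(?P<args>.*)$', re.IGNORECASE)

def split_login_args(args):
    """Split LOGIN arguments into atoms and quoted strings (literals not handled)."""
    return re.findall(r'"(?:\\.|[^"\\])*"|\S+', args)

def oversized_login_clients(lines, max_arg_len=MAX_ARG_LEN, alert_count=ALERT_COUNT):
    """Return {client_ip: count} for clients with >= alert_count oversized LOGINs."""
    counts = Counter()
    for line in lines:
        m = LOGIN_RE.match(line.rstrip("\r\n"))
        if not m:
            continue  # not a LOGIN command
        if any(len(a) > max_arg_len for a in split_login_args(m.group("args"))):
            counts[m.group("ip")] += 1
    return {ip: n for ip, n in counts.items() if n >= alert_count}

def build_sample_log():
    """Constructed sample log: one noisy client, one normal, one single outlier."""
    log = ["192.0.2.10 A%03d LOGIN %s AAAAA" % (i + 1, "A" * 5000)
           for i in range(41)]
    log.append('198.51.100.7 a1 LOGIN "alice" "correct horse"')
    log.append("198.51.100.7 a2 SELECT INBOX")
    log.append("203.0.113.5 x1 login %s pw" % ("B" * 2000))  # below alert threshold
    return log

if __name__ == "__main__":
    for ip, n in oversized_login_clients(build_sample_log()).items():
        print("ALERT %s sent %d oversized LOGIN commands" % (ip, n))
```

The same length check can be enforced in a front-end proxy to drop oversized LOGIN lines before they reach an unpatched server.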