Inetserv Vulnerabilities
Created 8/30/01
CVE 2000-0065
CAN 2001-1294
Impact
A remote attacker could create a denial of service or
execute arbitrary commands on the server.
Background
Inetserv is a
free e-mail server for Windows platforms. It includes support
for the SMTP, POP3, daytime,
finger, and whois protocols,
and also features a telnet interface and a web interface for users
to access e-mail.
In order to access e-mail, users are required to provide
a user name and password. The authentication is performed
using Basic WWW-Authentication, in which the user name
and password are encoded by the browser and sent to the server in the
HTTP header.
The Problem
CAN 2001-1294
Due to a buffer overflow condition in the web mail interface,
a remote attacker could crash the service by sending a very
long request to the web server. Furthermore, a problem in
the processing of the WWW-Authentication header could also allow a remote
attacker to execute arbitrary commands by sending a long,
specially crafted username and password pair. Inetserv versions
3.0 through 3.2.1 are affected by this vulnerability. An
attacker would not need to know a valid user name or password
in order to exploit this vulnerability.
CVE 2000-0065
Due to an older vulnerability affecting version 3.0, it could
also be possible for a remote attacker to
execute arbitrary commands by sending a long, specially-crafted
HTTP request to the web server.
Resolution
Install a fix from the vendor
when one becomes available. If no fix is available, the web mail
interface should be turned off.
Where can I read more about this?
The vulnerabilities affecting Inetserv versions up to 3.2.1
were posted to Bugtraq.
The vulnerability in version 3.0 was posted to
NTBugtraq.