Possible Buffer Overflow in Cmail
CVE 2000-0556
CVE 2000-0557
Impact
If the system has this buffer overflow condition, an attacker
could send a specially constructed request which crashes the
server or executes arbitrary code.
Note: While the red stoplight on this page indicates the highest
possible severity level for this vulnerability, the severity level in
this particular instance is indicated next to the link to this
tutorial on the previous page. If there is a red dot, your server is
vulnerable. If there is a brown dot, the vulnerability could not be
confirmed, and you should determine whether or not your server is
vulnerable based on the information below.
Background
The Cmail application is a mail server which runs on Microsoft
operating systems and provides e-mail services. Cmail is compatible
with many popular e-mail clients, and also has a web-based interface.
The web server runs on port 8002 by default.
The Problem
CVE 2000-0557
Due to a buffer overflow condition in NTDLL.DLL,
an attacker could execute arbitrary code by sending a large,
specially crafted GET command to the web server.
Cmail version 2.4.7 and possibly prior versions are vulnerable.
CVE 2000-0556
Due to a second, unrelated vulnerability, a denial-of-service attack
is possible whereby an attacker could consume up to 95% of the
server's CPU time.
Resolutions
Upgrade to Cmail version 2.4.8 or higher.
Where can I read more about this?
This vulnerability was posted to NT Bugtraq.