[NT] NGC Active Mail Server Multiple Buffer Overflows (HELO, MAIL FROM, and RCPT TO)

From: SecuriTeam (support_at_securiteam.com)
Date: 06/23/03

Next message: SecuriTeam: "[UNIX] IMP Allows Arbitrary File Reading and Path Disclosure"

Previous message: SecuriTeam: "[NT] Windows XP gethostbyaddr() NULL h_name Pointer"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: list@securiteam.com
Date: 23 Jun 2003 11:05:09 +0200

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com
- - promotion

Beyond Security in Canada

Toronto-based Sunrays Technologies is now Beyond Security's representative in Canada.
We welcome ISPs, system integrators and IT systems resellers
to promote the most advanced vulnerability assessment solutions today.

- - - - - - - - -

NGC Active Mail Server Multiple Buffer Overflows (HELO, MAIL FROM, and
RCPT TO)
------------------------------------------------------------------------

SUMMARY

<http://www.nextgen.dk/> NGC Active Mail server 2002 is "a POP3 Mail
server for personal use". The product has been found to contain multiple
buffer overflow vulnerabilities, these vulnerabilities allow remote
attackers to cause the server to crash.

DETAILS

Vulnerable systems:
* NGC Active Mail server 2002

Any remote attacker can bring the NGC Active Mail server down by sending a
large amount of data with the HELO, MAIL FROM and RCPT TO commands. The
data size needs to be at least 33k characters.

ADDITIONAL INFORMATION

The information has been provided by <mailto:vulncode@yahoo.com> Ziv
Kamir.

========================================

This bulletin is sent to members of the SecuriTeam mailing list.
To unsubscribe from the list, send mail with an empty subject line and body to: list-unsubscribe@securiteam.com
In order to subscribe to the mailing list, simply forward this email to: list-subscribe@securiteam.com

====================
====================

DISCLAIMER:
The information in this bulletin is provided "AS IS" without warranty of any kind.
In no event shall we be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages.

Next message: SecuriTeam: "[UNIX] IMP Allows Arbitrary File Reading and Path Disclosure"

Previous message: SecuriTeam: "[NT] Windows XP gethostbyaddr() NULL h_name Pointer"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]