Gordano's NT Mail Vulnerable to Denial of Service

Reported March 20, 2001, by Defcom Labs.

VERSION AFFECTED

  • Gordano NTMail 6.0.3c for Windows NT and Windows 2000

DESCRIPTION

Gordano NTMail 6.0.3c for Windows NT and Windows 2000 is subject to a Denial of Service (DoS) condition. By sending a URL request to the server with a character length exceeding 255 characters, a malicious attacker can crash the server listening on ports 8000, 8025, 8080, 8888 and 9000.

 

VENDOR RESPONSE

 

The vendor, Gordano, has issued a patch to correct this vulnerability. You can download it from the Gordano Web site.

 

CREDIT


Discovered by Peter Gründl.

Hide comments

Comments

  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.
Publish