
Title: NTMail Configuration Service DoS
Released by: Vigilante
Date: 4th September 2000
NTMail Configuration Service DoS



Advisory Code:   VIGILANTE-2000008



Release Date:

September 4, 2000



Systems Affected:

- NTMail V5 Alpha Processor
- NTMail V5 Intel Processor
- NTMail V6 Alpha Processor
- NTMail V6 Intel Processor



THE PROBLEM

The web configuration service running on TCP port 8000 does not flush
incomplete HTTP requests, so it is possible to use up all of the server's
resources within a very short time. During testing, CPU usage stayed around
90-99%, and within 2 minutes the www.exe service had consumed more than 250MB
of memory. An attack might result in the service crashing when the system
hits the maximum pagefile size.
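
The class of defect described above is avoided when a server bounds both the time and the memory it will spend on an unfinished request head. The following is an added example, not Gordano's fix and not code from the advisory; the names `read_request_head` and `classify` and the default limits (8192 bytes, 5 seconds) are assumptions chosen for illustration, and the payloads are constructed.

```python
import socket
import time

class IncompleteRequest(Exception):
    """Client did not deliver a complete request head within the limits."""

def read_request_head(conn, max_bytes=8192, deadline_s=5.0):
    """Return the request head through CRLFCRLF, or raise IncompleteRequest.

    The deadline covers the whole head rather than each recv(), so a client
    that sends a few bytes and then stalls cannot hold the connection open.
    """
    end = time.monotonic() + deadline_s
    buf = bytearray()
    while b"\r\n\r\n" not in buf:
        remaining = end - time.monotonic()
        if remaining <= 0:
            raise IncompleteRequest("deadline exceeded")
        if len(buf) >= max_bytes:
            raise IncompleteRequest("head too large")
        conn.settimeout(remaining)
        try:
            chunk = conn.recv(min(4096, max_bytes - len(buf)))
        except socket.timeout:
            raise IncompleteRequest("deadline exceeded") from None
        if not chunk:
            raise IncompleteRequest("peer closed before end of head")
        buf += chunk
    return bytes(buf[: buf.index(b"\r\n\r\n") + 4])

def classify(payload, close_after=False, **limits):
    """Feed a constructed payload through a local socketpair; report the outcome."""
    client, server = socket.socketpair()
    try:
        client.sendall(payload)
        if close_after:
            client.close()
        try:
            read_request_head(server, **limits)
            return "accepted"
        except IncompleteRequest as exc:
            return f"dropped: {exc}"
    finally:
        # Closing on every path is what releases the per-connection state.
        client.close()
        server.close()
```

A production server would also cap the number of concurrent connections per client, since the per-connection limits only bound what each one can consume.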



Vendor Status:

Gordano was contacted on the 19th of August (Saturday) and a reply was
received on the 21st of August. On the 22nd of August we received a fix,
which appears to fix the problem.



Fix (quote from the vendor):

"Gordano Limited, developers of the award winning mail server NTMail, are
pleased to have worked with Vigilante.com to secure their product
and protect their customers from a potential DoS exploit."



NTMail V5 Alpha Processor fix URL:

http://ftp.gordano.com/ntmail5/hotfixes/ntmail5g_alpha_20000830.zip



NTMail V5 Intel Processor fix URL:

http://ftp.gordano.com/ntmail5/hotfixes/ntmail5g_intel_20000830.zip



NTMail V6 Alpha Processor fix URL:

http://ftp.gordano.com/ntmail6/hotfixes/ntmail6_alpha_20000830.zip



NTMail V6 Intel Processor fix URL:

http://ftp.gordano.com/ntmail6/hotfixes/ntmail6_intel_20000830.zip





Vendor   URL: http://www.gordano.com/

Product  URL: http://www.ntmail.co.uk/

Copyright VIGILANTe 2000-08-19



Disclaimer:

The information within this document may change without notice. Use of
this information constitutes acceptance for use in an AS IS
condition. There are NO warranties with regard to this information.
In no event shall the author be liable for any consequences whatsoever
arising out of or in connection with the use or spread of this
information. Any use of this information lies within the user's
responsibility.



Feedback:

Please send suggestions, updates, and comments to:



VIGILANTe

mailto: swat@vigilante.com

http://www.vigilante.com







