Strumpf Noir Society Advisories

! Public release !

<--#





-= Infinite InterChange DoS =-



Release date: Thursday, 21 December, 2000





Introduction:



Infinite InterChange is a Win95/98/NT/2k mailserver for organizations that need

to expand their network messaging. Infinite InterChange has many functions,

ranging from standalone mailserver to Internet gateway.



InterChange can be found at vendor Infinite's website, http://www.ihub.com





Problem:



One of Interchange's main features is a popular webmail interface. This interface

and it's supporting HTTP server are subject to a Denial of Service attack through

a malformed POST request.





Problem:



The HTTP server coming with InterChange contains an overflow in the POST command.

Submitting a specially crafted POST request comprised of 963 bytes or more to the

server's HTTP port will cause the program to crash.



This can be as simple as:



telnet victim 80

GET aaa(963+ bytes) HTTP/1.0



At which point the server-process will die.





(..)





Solution:



Vendor has been notified. This was tested against Infinite InterChange 3.61.





Note:



In our correspondence with the vendor another problem was not reproducable, so no

resources were devoted to both. Though this is partially understandable, we regret

this decision since it leaves us no means of predicting when above will be fixed.





yadayadayada



SNS Research is rfpolicy (http://www.wiretrip.net/rfp/policy.html)

compliant, all information is provided on AS IS basis.



EOF, but Strumpf Noir Society will return!