Internet Security Systems

SMTP login name overflow

advICE : Intrusions : 2001003
Summary

Buffer overflow attempt.

Details

A very long user name, password, or file name often signals an intentional effort to overflow a buffer on a server. By constructing the data in a particular way, the intruder may be able to execute his own code on the attacked system. This general class of attacks is the root cause of many attacks on the Internet; see the advICE entry on buffer overflows for more.

Known cases involving the HELO command:

A HELO argument of over 1119 characters will crash the server.
A HELO argument of over 12,000 characters will crash the server.
A HELO argument of over 10,000 characters overflows the buffer.
There is a buffer overflow in the HELO command of the SMTP gateway which ships as part of the Trend Micro InterScan VirusWall 3.3 product.

more information
advICE: Buffer overflows
BugtraqID: 1286   Concatus IMate Web Mail Server 2.5 Buffer Overflow Vulnerability
BugtraqID: 895   CSM Mailserver HELO Buffer Overflow Vulnerability
BugtraqID: 791   Artisoft XtraMail Multiple DoS Vulnerabilities
BugtraqID: 787   InterScan VirusWall Long HELO Buffer Overflow Vulnerability
eEye: MDaemon Remote DoS Attack
BugtraqID: 62   Stalker Internet Mail Server Buffer Overflow Vulnerability
CVE-2000-0042   Buffer overflow in CSM mail server allows remote attackers to cause a DoS or execute commands via a long HELO
X-Force: 886   smtp-helo-bo
CVE-1999-0404   Buffer overflow in the Mail-Max SMTP server for Windows
 

parametric information
length   The length of the SMTP login name.
heloname   The beginning portion of the login name.

configuration for this item
login.maxname   100   The maximum length of a login name.
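
One way to implement the length check this item describes, as an added example that is not part of the original advisory or of the ISS product. The threshold comes from login.maxname above and the alert fields mirror length and heloname; the class name, PREVIEW_LEN and SLACK are hypothetical, and the traffic is constructed.

```python
LOGIN_MAXNAME = 100  # login.maxname value listed on the page
PREVIEW_LEN = 32     # assumption: bytes of the name kept as "heloname"
SLACK = 16           # assumption: room for the verb and separator

class HeloLengthMonitor:
    """Watches one client-to-server SMTP byte stream for long HELO/EHLO names."""

    def __init__(self, maxname=LOGIN_MAXNAME):
        self.maxname = maxname
        self.buf = b""
        self.skipping = False  # True while the tail of a reported line arrives
        self.alerts = []

    def feed(self, segment):
        """Consume one TCP payload and return the alerts it raised."""
        self.buf += segment
        raised = []
        while True:
            line, sep, rest = self.buf.partition(b"\n")
            if not sep and len(line) <= self.maxname + SLACK:
                break  # short incomplete line: wait for more data
            # Complete line, or an unterminated one that is already too long
            # (an overflow attempt may never send CRLF).
            if not self.skipping:
                self._check(line.rstrip(b"\r"), raised)
            self.skipping = not sep
            self.buf = rest
        self.alerts += raised
        return raised

    def _check(self, line, raised):
        verb, _, name = line.partition(b" ")
        name = name.strip()
        if verb.upper() in (b"HELO", b"EHLO") and len(name) > self.maxname:
            preview = name[:PREVIEW_LEN].decode("ascii", "backslashreplace")
            raised.append({"length": len(name), "heloname": preview})

def demo():
    """Run the monitor over constructed segments (not captured traffic)."""
    mon = HeloLengthMonitor()
    for seg in (b"EHLO mail.example.org\r\n",
                b"HELO " + b"A" * 60, b"A" * 60 + b"\r\n",    # split across segments
                b"HELO " + b"B" * 2000, b"B" * 500 + b"\r\n",  # terminator arrives late
                b"QUIT\r\n"):
        mon.feed(seg)
    return mon.alerts

if __name__ == "__main__":
    for alert in demo():
        print(alert)
```

For a line reported before its terminator arrives, length is the number of bytes seen so far, so it is a lower bound on the real argument length.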

 
Version appeared:  
