CVE-1999-1511
CVSS7.5
发布时间 :1999-11-10 00:00:00
修订时间 :2016-10-17 22:05:09
NMCOS    

[原文]Buffer overflows in Xtramail 1.11 allow attackers to cause a denial of service (crash) and possibly execute arbitrary commands via (1) a long PASS command in the POP3 service, (2) a long HELO command in the SMTP service, or (3) a long user name in the Control Service.


[CNNVD]Artisoft XtraMail多个远程拒绝服务攻击漏洞(CNNVD-199911-042)

        
        XtraMail是一个email服务器软件。
        在XtraMail v1.11代码中多处地方没有进行边界检查,远程攻击者可能利用这些漏洞对服务器进行拒绝服务攻击。
        以下是一些可以造成拒绝服务的情况。
        漏洞举例:
        pop3 (110) 服务中在登陆过程中存在一个溢出
        +OK XtraMail POP3 Server (v1.11 69970090850) for Windows 95 ready at Wed, 10 Nov 99 06:14:18 +-300
        user itsme
        +OK
        pass (buffer)
        buffer为1500字符
        SMTP (25) 服务在登陆过程中存在一个溢出
        220 XtraMail SMTP Server (v1.11 69970090850) for Windows 95 ready at Wed, 10 Nov 99 06:16:14 +-300
        helo (buffer)
        buffer为10000字符
        Control Service (32000)服务在登陆过程中存在一个溢出
        XtraMail Control Service (v1.11 69970090850) for Windows 95 ready at Wed, 10 Nov 99 06:20:11 +-300
        Username: (buffer)
        buffer为10000字符
        

- CVSS (基础分值)

CVSS分值: 7.5 [严重(HIGH)]
机密性影响: [--]
完整性影响: [--]
可用性影响: [--]
攻击复杂度: [--]
攻击向量: [--]
身份认证: [--]

- CPE (受影响的平台与产品)

产品及版本信息(CPE)暂不可用

- OVAL (用于检测的技术细节)

未找到相关OVAL定义

- 官方数据库链接

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-1999-1511
(官方数据源) MITRE
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-1999-1511
(官方数据源) NVD
http://www.cnnvd.org.cn/vulnerability/show/cv_cnnvdid/CNNVD-199911-042
(官方数据源) CNNVD

- 其它链接及资源

http://marc.info/?l=bugtraq&m=94226003804744&w=2
(UNKNOWN)  BUGTRAQ  19991110 Multiples Remotes DoS Attacks in Artisoft XtraMail v1.11 Vulnerability
http://www.securityfocus.com/bid/791
(VENDOR_ADVISORY)  BID  791
http://xforce.iss.net/static/3488.php
(VENDOR_ADVISORY)  XF  xtramail-pass-dos(3488)

- 漏洞信息

Artisoft XtraMail多个远程拒绝服务攻击漏洞
高危 边界条件错误
1999-11-10 00:00:00 2005-10-20 00:00:00
远程※本地  
        
        XtraMail是一个email服务器软件。
        在XtraMail v1.11代码中多处地方没有进行边界检查,远程攻击者可能利用这些漏洞对服务器进行拒绝服务攻击。
        以下是一些可以造成拒绝服务的情况。
        漏洞举例:
        pop3 (110) 服务中在登陆过程中存在一个溢出
        +OK XtraMail POP3 Server (v1.11 69970090850) for Windows 95 ready at Wed, 10 Nov 99 06:14:18 +-300
        user itsme
        +OK
        pass (buffer)
        buffer为1500字符
        SMTP (25) 服务在登陆过程中存在一个溢出
        220 XtraMail SMTP Server (v1.11 69970090850) for Windows 95 ready at Wed, 10 Nov 99 06:16:14 +-300
        helo (buffer)
        buffer为10000字符
        Control Service (32000)服务在登陆过程中存在一个溢出
        XtraMail Control Service (v1.11 69970090850) for Windows 95 ready at Wed, 10 Nov 99 06:20:11 +-300
        Username: (buffer)
        buffer为10000字符
        

- 公告与补丁

        厂商补丁:
        Artisoft
        --------
        目前厂商还没有提供补丁或者升级程序,我们建议使用此软件的用户随时关注厂商的主页以获取最新版本:
        
        http://www.artisoft.com

- 漏洞信息

251
Artisoft XtraMail Control Service Username Overflow
Input Manipulation
Loss of Integrity

- 漏洞描述

Unknown or Incomplete

- 时间线

1999-11-10 Unknow
Unknow Unknow

- 解决方案

Unknown or Incomplete

- 相关参考

- 漏洞作者

Unknown or Incomplete

- 漏洞信息

Artisoft XtraMail Multiple DoS Vulnerabilities
Boundary Condition Error 791
Yes Yes
1999-11-09 12:00:00 2009-07-11 12:56:00
Posted to Bugtraq by Ussr Labs <labs@USSRBACK.COM> on November 9, 1999.

- 受影响的程序版本

Artisoft XtraMail 1.11
- Microsoft Windows 95
- Microsoft Windows 98
- Microsoft Windows NT 3.5.1
- Microsoft Windows NT 4.0

- 漏洞讨论

There are several unchecked buffers in XtraMail 1.11, which when overflowed will crash the server and cause a denial of service.

1: POP3 server PASS argument
Will be overflowed with a password of over 1500 characters.

2: SMTP server HELO argument

Will be overflowed with a 10,000 character argument to the HELO command.

3: Control service Username
XtraMail includes a remote administration utility which listens on port 32000 for logins. The username buffer will be overflowed with a string of 10,000 characters or more.

- 漏洞利用

see discussion

- 解决方案

Currently the SecurityFocus staff are not aware of any vendor supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: vuldb@securityfocus.com.

- 相关参考

 

 

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息,请查阅[关于本站]

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标,它们的官方数据源均保存在MITRE公司的相关网站