发布时间 :2000-12-19 00:00:00
修订时间 :2008-09-10 15:06:17

[原文]Buffer overflow in Intel InBusiness eMail Station 1.04.87 POP service allows remote attackers to cause a denial of service and possibly execute commands via a long username.

[CNNVD]Intel InBusiness eMail Station缓冲区溢出漏洞(CNNVD-200012-190)

        Intel InBusiness eMail Station 1.04.87 POP服务存在缓冲区溢出漏洞。远程攻击者可以借助超长用户名导致服务拒绝以及可能执行命令。

- CVSS (基础分值)

CVSS分值: 5 [中等(MEDIUM)]
机密性影响: NONE [对系统的机密性无影响]
完整性影响: NONE [不会对系统完整性产生影响]
可用性影响: PARTIAL [可能会导致性能下降或中断资源访问]
攻击复杂度: LOW [漏洞利用没有访问限制 ]
攻击向量: [--]
身份认证: NONE [漏洞利用无需身份认证]

- CPE (受影响的平台与产品)


- OVAL (用于检测的技术细节)


- 官方数据库链接
(官方数据源) MITRE
(官方数据源) NVD
(官方数据源) CNNVD

- 其它链接及资源
(VENDOR_ADVISORY)  XF  intel-email-username-bo
(VENDOR_ADVISORY)  BUGTRAQ  20001020 DoS in Intel corporation 'InBusiness eMail Station'

- 漏洞信息

Intel InBusiness eMail Station缓冲区溢出漏洞
中危 缓冲区溢出
2000-12-19 00:00:00 2006-08-09 00:00:00
        Intel InBusiness eMail Station 1.04.87 POP服务存在缓冲区溢出漏洞。远程攻击者可以借助超长用户名导致服务拒绝以及可能执行命令。

- 公告与补丁


- 漏洞信息 (20328)

Intel InBusiness eMail Station 1.4.87 Denial of Service Vulnerability (EDBID:20328)
hardware dos
2000-10-20 Verified
0 Knud Erik Højgaard
N/A [点击下载]

A buffer overflow exists in the Intel InBusiness eMail Station, a dedicated email device. When attempting to establish a connection, the username submitted to the device is not properly filtered for length. By supplying a string for USER of approximately 620 characters in length, it is possible for a remote attacker to overflow the relevant buffer. The device will halt in response, requiring the unit to be powered down and restarted. In addition to this denial of service, an attacker sufficiently familiar with the hardware architecture and firmware of this platform may, potentially, be able to exploit this overflow to place malicious machine code on the stack, permitting interference with or modification of the device's software, interception of messages, or another compromise of the unit's normal function.

[foo@bar]$ telnet mailstation 110
Trying mailstation...
Connected to mailstation.
Escape character is '^]'.
+OK Pop server at mailstation starting. <2831812.972049732@mail>
user [buffer]

where [buffer] is appx. 620 chars of your own choice.(tried A and %, expect
all to work)

Symptoms: The box(a nice little piece of hardware with built-in harddrive
and all) will stop responding, and needs a power cycle to restore function.		

- 漏洞信息

Intel InBusiness eMail Station User Name Remote Overflow
Remote / Network Access Input Manipulation
Loss of Integrity, Loss of Availability
Exploit Public

- 漏洞描述

A remote overflow exists in the Intel InBusiness eMail Station. The InBusiness eMail Station fails to check the length of the "user" command resulting in a buffer overflow. With a specially crafted request, an attacker can cause a DoS resulting in a loss of availability.

- 时间线

2000-10-20 Unknow
2000-10-20 Unknow

- 解决方案

Currently, there are no known upgrades or patches to correct this issue. The Intel InBusiness Email Station is no longer being developed or supported by Intel.

- 相关参考

- 漏洞作者