Title: A-V Tronics InetServ Webmail Authentication Buffer Overflow Vulnerability
Severity: CRITICAL
Description:
A-V Tronics InetServ is a freeware server for Microsoft Windows systems. It offers functionality for POP3, SMTP, telnet, webmail and other services.
An exploitable buffer overflow exists in the webmail interface of Inetserver.
The buffer overflow will occur if the Username/Password fields are each filled with an excessive number of bytes(140+). At the very minimum this can cause InetServ to crash, denying whatever services the software is enabled to provide(telnet, SMTP, POP3, etc.).
However, a window of opportunity exists for the remote attacker to execute arbitrary code on the host(with the privileges of the server). This can be accomplished by overwriting variables on the stack, including EIP, in such a way as to cause the arbitrary code to be executed.
It should be noted that the webmail interface is an optional feature of A-V Tronics InetServ, and is not enabled by default.
Affected Products:
- A-V Tronics InetServ 3.0.0
- A-V Tronics InetServ 3.1.1
- A-V Tronics InetServ 3.2.1
References:
- A-V Tronics: InetServ Home Page
- NTBugtraq: Remote Buffer Exploit - InetServ 3.0
Juniper Networks provides this content via a wide variety of sources and production methods. If notified of errors or omissions in the content of this page, Juniper Networks, at its discretion, will modify or remove the page or leave the content as is, depending on various factors including but not limited to the reputation and authority of the party providing the notification. Please use the contact information displayed elsewhere on this page to report any errors or omissions regarding the content on this page.
