Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Windows Net Apps :: 1stup.htm

1st Up Mail Server 4.1 Buffer Overflow



Vulnerability

    1st Up Mail

Affected

    1st Up Mail Server v4.1

Description

    Following is based on a USSR Advisory USSR-2000058.  The Ussr Team
    has recently discovered  a Buffer Overflow  in 1st Up  Mail Server
    v4.1 where they do not  use proper bounds checking.   The overflow
    is in  the field  "mail from:  <", a  large number  of aaaaaa's ">
    (over 300).  It then displays this message:

        "Application popup: smtp server: smtp server.exe - Application Error
        : The instruction at "0x00402f23" referenced memory at "0x61616161".
        The memory could not be "read".

        Click on OK to terminate the program
        Click on CANCEL to debug the program "

    This  results  in  a  Denial  of  Service  against  the service in
    question.

Solution

    Upgrade to version 1st Up Mail Server 4.1.4e

        http://www.upland.co.uk/1stup/UpMailSetUp.EXE


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH