| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <200311011204.08480.d4rk@securitylab.ru> Date: Sat, 1 Nov 2003 12:04:08 +0300 From: d4rkgr3y <d4rk@...uritylab.ru> To: bugtraq@...urityfocus.com Subject: Memory-leak vulnerability in EServ/3.00 /********************************************************** * * m00 security advistory #005 * * Memory-leak vulnerability in EServ/3.00 * * www.m00security.org * ************************************************************/ --------------------------------- Product: eServ Version: 2.95-3.00 OffSite: www.eserv.ru --------------------------------- Overview: eServ includes Mail, News, Web, FTP and Proxy Servers. It's the most popular russian server. Problem description: Several time ago similar vulnerability was founded in EServ/2.99 by SECURITEAM. It was noted, that EServ doesn't free alocated memory in the heap after each disconnect. We have discovered that similar problem exists in newest version of EServ. It's possible to kill EServ and freeze the whole system by sending a lot of data to EServ HTTP-service. We have tested this vulnerability in LAN against win2k. EServ ate all virtual-memory with total speed 10mb/s. Exploit: Remote Denial-of-Service exploit (*nix and win32 versions) against EServ/2.95-3.0 you can find on our official site: m00.void.ru Solution: Vendor was informated about vulnerability. Patched EServ/2.99 u can find here: ftp://ftp.eserv.ru/pub/beta/2.99/Eserv3463.zip (c) m00 Security / m00.void.ru
Powered by blists - more mailing lists