lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <200311011204.08480.d4rk@securitylab.ru>
Date: Sat, 1 Nov 2003 12:04:08 +0300
From: d4rkgr3y <d4rk@...uritylab.ru>
To: bugtraq@...urityfocus.com
Subject: Memory-leak vulnerability in EServ/3.00


/**********************************************************
*
*               m00 security advistory #005
*
*        Memory-leak vulnerability in EServ/3.00
*
*                    www.m00security.org
*
************************************************************/

---------------------------------
Product: eServ
Version: 2.95-3.00
OffSite: www.eserv.ru
---------------------------------

Overview:

eServ includes Mail, News, Web, FTP and Proxy Servers.
It's the most popular russian server.

Problem description:

Several time ago similar vulnerability was founded in EServ/2.99
by SECURITEAM. It was noted, that EServ doesn't free
alocated memory in the heap after each disconnect. We have discovered
that similar problem exists in newest version of EServ.
It's possible to kill EServ and freeze the whole system by sending
a lot of data to EServ HTTP-service.
We have tested this vulnerability in LAN against win2k. EServ ate
all virtual-memory with total speed 10mb/s.

Exploit:

Remote Denial-of-Service exploit (*nix and win32 versions) against
EServ/2.95-3.0 you can find on our official site: m00.void.ru

Solution:

Vendor was informated about vulnerability.
Patched EServ/2.99 u can find here:
ftp://ftp.eserv.ru/pub/beta/2.99/Eserv3463.zip

(c) m00 Security / m00.void.ru



Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ