NI3
11-03-2003, 09:04 AM
Security-Corporation ID : SC-0721
Author : d4rkgr3y <d4rk securitylab ru>
Product : eServ
/************************************************** ********
*
* m00 security advistory #005
*
* Memory-leak vulnerability in EServ/3.00
*
* [Only registered and activated users can see links]
*
************************************************** **********/
---------------------------------
Product: eServ
Version: 2.95-3.00
OffSite: [Only registered and activated users can see links]
---------------------------------
Overview:
eServ includes Mail, News, Web, FTP and ***** Servers.
It's the most popular russian server.
Problem description:
Several time ago similar vulnerability was founded in EServ/2.99
by SECURITEAM. It was noted, that EServ doesn't free
alocated memory in the heap after each disconnect. We have discovered
that similar problem exists in newest version of EServ.
It's possible to kill EServ and freeze the whole system by sending
a lot of data to EServ [Only registered and activated users can see links]
We have tested this vulnerability in LAN against win2k. EServ ate
all virtual-memory with total speed 10mb/s.
Exploit:
Remote Denial-of-Service exploit (*nix and win32 versions) against
EServ/2.95-3.0 you can find on our official site: m00.void.ru
Solution:
Vendor was informated about vulnerability.
Patched EServ/2.99 u can find here:
ftp://ftp.eserv.ru/pub/beta/2.99/Eserv3463.zip
(c) m00 Security / m00.void.ru
Author : d4rkgr3y <d4rk securitylab ru>
Product : eServ
/************************************************** ********
*
* m00 security advistory #005
*
* Memory-leak vulnerability in EServ/3.00
*
* [Only registered and activated users can see links]
*
************************************************** **********/
---------------------------------
Product: eServ
Version: 2.95-3.00
OffSite: [Only registered and activated users can see links]
---------------------------------
Overview:
eServ includes Mail, News, Web, FTP and ***** Servers.
It's the most popular russian server.
Problem description:
Several time ago similar vulnerability was founded in EServ/2.99
by SECURITEAM. It was noted, that EServ doesn't free
alocated memory in the heap after each disconnect. We have discovered
that similar problem exists in newest version of EServ.
It's possible to kill EServ and freeze the whole system by sending
a lot of data to EServ [Only registered and activated users can see links]
We have tested this vulnerability in LAN against win2k. EServ ate
all virtual-memory with total speed 10mb/s.
Exploit:
Remote Denial-of-Service exploit (*nix and win32 versions) against
EServ/2.95-3.0 you can find on our official site: m00.void.ru
Solution:
Vendor was informated about vulnerability.
Patched EServ/2.99 u can find here:
ftp://ftp.eserv.ru/pub/beta/2.99/Eserv3463.zip
(c) m00 Security / m00.void.ru