Subject Buffer overflow Miscrosoft MCIS mail server Date 05-Jan-2000
656cd2165da07cbfdb61569dbd725c2eb739fd1de2eed991b04656a49a41270b
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
===============================================================================
>> CERT-NL, 01-Mar-2000 <<
>> All CERT-NL information has been moved to http://cert.surfnet.nl. Links <<
>> to CERT-NL information contained in this advisory are therefore outdated. <<
>> <<
>> CERT-NL also has stopped the CERT-CC-Mirror service. Due to this the <<
>> links to the CERT-CC mirror are obsolete. Visit the CERT-CC site for the <<
>> complete CERT-CC advisory texts: http://www.cert.org <<
===============================================================================
===============================================================================
Security Advisory CERT-NL
===============================================================================
Author/Source : Teun Nijssen Index : S-00-03
Distribution : World Page : 1
Classification: External Version: 1
Subject : Buffer overflow Miscrosoft MCIS mail server Date :05-Jan-2000
===============================================================================
By courtesy of Microsoft Product Security we received information on a
vulnerability in the Microsoft Commercial Internet System (MCIS) Mail server.
CERT-NL recommends to apply the patches mentioned below.
==============================================================================
Summary
=======
Microsoft has released a patch that eliminates a vulnerability in the
Microsoft(r) Commercial Internet System (MCIS) Mail server. The
vulnerability could allow a malicious user to remotely cause services on
the server to fail, or cause arbitrary code to run on the server.
Frequently asked questions regarding this vulnerability can be found at
http://www.microsoft.com/security/bulletins/00/MS00-001faq.asp.
Issue
=====
The IMAP service included in MCIS Mail has an unchecked buffer. If a
malformed request containing random data were passed to the service, it
could cause the web publishing, IMAP, SMTP, LDAP and other services to
crash. If the malformed request contained specially crafted data, it could
also be used to run arbitrary code on the server via a classic buffer
overrun attack.
Affected Software Versions
==========================
- Microsoft Commercial Internet System 2.0 and 2.5.
Patch Availability
==================
- Intel:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=17124
- Alpha:
http://www.microsoft.com/Downloads/Release.asp?ReleaseID=17122
NOTE: Additional security patches are available at the Microsoft Download
Center
More Information
================
Please see the following references for more information related to this
issue.
- Frequently Asked Questions: Microsoft Security Bulletin MS00-001,
http://www.microsoft.com/security/bulletins/00/MS00-001faq.asp.
- Microsoft Knowledge Base (KB) article Q246731,
MCIS: MCIS Mail Services unexpectedly stop,
http://support.microsoft.com/support/kb/articles/q246/7/31.asp.
(Note: It may take 24 hours from the original posting of this
bulletin for the KB article to be visible.)
- Microsoft Security Advisor web site,
http://www.microsoft.com/security/default.asp.
Obtaining Support on this Issue
===============================
This is a fully supported patch. Information on contacting Microsoft
Technical Support is available at
http://support.microsoft.com/support/contact/default.asp.
Acknowledgments
===============
Microsoft acknowledges Tristan Goode for bringing this issue to our
attention.
==============================================================================
CERT-NL is the Computer Emergency Response Team for SURFnet customers. SURFnet
is the Dutch network for educational, research and related institutes. CERT-NL
is a member of the Forum of Incident Response and Security Teams (FIRST).
All CERT-NL material is available under:
http://cert.surfnet.nl/
In case of computer or network security problems please contact your local
CERT/security-team or CERT-NL (if your institute is NOT a SURFnet customer
please address the appropriate (local) CERT/security-team).
CERT-NL is one/two hour(s) ahead of UTC (GMT) in winter/summer,
i.e. UTC+0100 in winter and UTC+0200 in summer (DST).
Email: cert-nl@surfnet.nl ATTENDED REGULARLY ALL DAYS
Phone: +31 302 305 305 BUSINESS HOURS ONLY
Fax: +31 302 305 329 BUSINESS HOURS ONLY
Snailmail: SURFnet bv
Attn. CERT-NL
P.O. Box 19035
NL - 3501 DA UTRECHT
The Netherlands
NOODGEVALLEN: 06 22 92 35 64 ALTIJD BEREIKBAAR
EMERGENCIES : +31 6 22 92 35 64 ATTENDED AT ALL TIMES
CERT-NL'S EMERGENCY PHONENUMBER IS ONLY TO BE USED IN CASE OF EMERGENCIES:
THE SURFNET HELPDESK OPERATING THE EMERGENCY NUMBER HAS A *FIXED*
PROCEDURE FOR DEALING WITH YOUR ALERT AND WILL IN REGULAR CASES RELAY IT
TO CERT-NL IN AN APPROPRIATE MANNER. CERT-NL WILL THEN CONTACT YOU.
===============================================================================
-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.1i
iQA/AwUBOL6IBTSYjBqwfc9jEQJblACg3GX2xHujyhHkLj9Jj7ShDd/QGbkAoKS0
F7gV5kYAFvnkeko3th6FZyqp
=QL9X
-----END PGP SIGNATURE-----