Strumpf Noir Society Advisories ! Public release ! <--#

-= Infinite InterChange DoS =-

Release date: Thursday, 21 December, 2000

Introduction:

Infinite InterChange is a Win95/98/NT/2k mailserver for organizations that need to expand their network messaging. Infinite InterChange has many functions, ranging from standalone mailserver to Internet gateway.

InterChange can be found at vendor Infinite's website, http://www.ihub.com

Problem:

One of InterChange's main features is a popular webmail interface. This interface and its supporting HTTP server are subject to a Denial of Service attack through a malformed POST request.

Problem:

The HTTP server coming with InterChange contains an overflow in the POST command. Submitting a specially crafted POST request comprised of 963 bytes or more to the server's HTTP port will cause the program to crash. This can be as simple as:

    telnet victim 80
    GET aaa(963+ bytes) HTTP/1.0

At which point the server-process will die.

(..)

Solution:

Vendor has been notified. This was tested against Infinite InterChange 3.61.

Note: In our correspondence with the vendor another problem was not reproducible, so no resources were devoted to both. Though this is partially understandable, we regret this decision since it leaves us no means of predicting when the above will be fixed.

yadayadayada

SNS Research is rfpolicy (http://www.wiretrip.net/rfp/policy.html) compliant, all information is provided on AS IS basis.

EOF, but Strumpf Noir Society will return!
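
Added example, not part of the original advisory or of the vendor's code: a Python screen, of the kind a front-end proxy or log review could apply, that flags HTTP request lines at or above the 963-byte figure reported above. Measuring the request line (rather than the whole request) is an assumption based on the telnet example; the function names, paths and host in the sample data are constructed.

```python
# Added example: flag HTTP request lines at or above the advisory's 963-byte figure.
THRESHOLD = 963  # bytes, from the advisory; applying it to the request line is an assumption


def request_line(raw: bytes) -> bytes:
    """Return the first line of a raw HTTP request, without its line ending."""
    line, _, _ = raw.partition(b"\n")
    return line.rstrip(b"\r")


def classify(raw: bytes, threshold: int = THRESHOLD) -> dict:
    """Describe one request head and say whether its request line is oversized."""
    line = request_line(raw)
    parts = line.split(b" ")
    method = parts[0].decode("ascii", "replace") if parts[0] else "?"
    # A well-formed request line is "METHOD target HTTP/x.y"; anything else is
    # reported as malformed but is still measured.
    well_formed = len(parts) == 3 and parts[2].startswith(b"HTTP/")
    target_len = len(parts[1]) if len(parts) >= 2 else 0
    return {
        "method": method,
        "line_bytes": len(line),
        "target_bytes": target_len,
        "well_formed": well_formed,
        "oversized": len(line) >= threshold,
    }


def screen(requests, threshold: int = THRESHOLD):
    """Return (index, info) for every request whose request line is oversized."""
    infos = ((i, classify(raw, threshold)) for i, raw in enumerate(requests))
    return [(i, info) for i, info in infos if info["oversized"]]


# Constructed sample request heads (not captured traffic).
SAMPLES = [
    b"GET /webmail/login HTTP/1.0\r\nHost: mail.example\r\n\r\n",
    # Large body, short request line: must not be flagged.
    b"POST /webmail/send HTTP/1.0\r\nContent-Length: 2000\r\n\r\n" + b"x" * 2000,
    b"GET " + b"a" * 963 + b" HTTP/1.0\r\n\r\n",
    b"POST " + b"a" * 1200 + b"\r\n\r\n",  # no version token: malformed and oversized
    b"GET /" + b"b" * 900 + b" HTTP/1.0\r\n\r\n",  # long, but under the figure
]

if __name__ == "__main__":
    for idx, info in screen(SAMPLES):
        print(idx, info)
```

The screen measures only the first line, so a legitimate webmail POST with a large body passes while a long request line is flagged whatever the method.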