COMMAND

    DynFX POPd

SYSTEMS AFFECTED

    DynFX POPd

PROBLEM

    The following is based on a Strumpf Noir Society advisory.  DynFX
    MailServer is an SMTP and POP3 server package for the WINNT and
    Win2k platforms.

    The pop daemon that is part of this package contains a problem in
    the logon function.  Due to improper handling of overly long (258
    bytes or more) usernames, this can be abused to remotely crash the
    running pop3 service.

    The problem appears to be that, although this is not apparent from
    the relevant API documentation, Mutex doesn't properly handle the
    unexpectedly long input in the code below.

        strMutex = _T("POP3_") + m_strUser + _T("_Lock");
        m_pMutex = new CMutex( FALSE, strMutex );

    This was tested against  DynFX MailServer 2.10.3595.1, running  on
    MS WINNT 4.0.

SOLUTION

    Checking and limiting the length of m_strUser fixes this problem.
    The vendor has been notified and has fixed the issue in build
    2.10.3604.2 of this product.
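
    The length check described above, as an added example (not the
    vendor's fix and not code from the advisory): portable C++ with
    std::string standing in for CString.  The helper pop3_lock_name,
    the 260-character bound (MAX_PATH, the documented limit for
    Windows object names) and the character rules are assumptions.

```cpp
#include <cstddef>
#include <iostream>
#include <string>

// Value of MAX_PATH on Windows; CreateMutex documents object names as
// limited to MAX_PATH characters.
constexpr std::size_t kMaxObjectName = 260;
const char kPrefix[] = "POP3_";
const char kSuffix[] = "_Lock";
// Longest username that keeps prefix + user + suffix below the limit
// (assumed policy; a real server may choose a much smaller cap).
constexpr std::size_t kMaxUserLen =
    kMaxObjectName - (sizeof(kPrefix) - 1) - (sizeof(kSuffix) - 1) - 1;

// Hypothetical helper: fills `name` and returns true only when the
// client-supplied username is safe to embed in a kernel object name.
bool pop3_lock_name(const std::string& user, std::string& name) {
    name.clear();
    if (user.empty() || user.size() > kMaxUserLen) return false;
    for (unsigned char c : user) {
        // Backslash is reserved in object names; control bytes have no
        // place in a mailbox name (assumed rule).
        if (c == '\\' || c < 0x20 || c == 0x7f) return false;
    }
    name = std::string(kPrefix) + user + kSuffix;
    return true;
}

int main() {
    // Constructed sample lengths around the boundary and the advisory's 258.
    const std::size_t lengths[] = {8, 249, 250, 258};
    for (std::size_t n : lengths) {
        std::string name;
        bool ok = pop3_lock_name(std::string(n, 'a'), name);
        std::cout << n << " bytes: "
                  << (ok ? "accepted, name length " + std::to_string(name.size())
                         : std::string("rejected before mutex creation"))
                  << "\n";
    }
    return 0;
}
```

    When the helper returns false, the logon handler should answer
    with a POP3 -ERR and never reach the CMutex constructor.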