COMMAND

    ITHouse

SYSTEMS AFFECTED

    ITHouse Mail Server v1.04

PROBLEM

    The following is based on a Delphis Consulting Plc Security Team
    advisory. The Delphis Consulting Internet Security Team (DCIST)
    discovered the following vulnerability in the ITHouse Mail Server
    under Windows NT.

    Sending an email via SMTP to an IT House Mail Server with a
    recipient's name in excess of 2270 bytes causes a buffer overrun
    in the IT House Mail Server that overwrites the EIP (2270 + EIP).
    This could allow an attacker to execute arbitrary code on the
    server. Example:

        HELO example.org
        MAIL FROM:example@example.org
        RCPT TO:<A x 2270> + EIP
        DATA

        .
        QUIT

    Wait for the mail delivery routine to start, at which point the
    server will crash, executing the arbitrary code.

SOLUTION

    Currently there is no known solution to this problem.
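
    The following check is an added example, not part of the original
    advisory or of the ITHouse product. It assumes a filtering relay or
    log monitor that sees the raw SMTP command lines before the mail
    server does. It rejects RCPT TO recipients over the RFC 5321
    section 4.5.3.1 size limits and raises an alert at or above the
    2270-byte length described above. The function names and sample
    session are hypothetical.

```python
import re

# Size limits from RFC 5321 section 4.5.3.1 (octets).
MAX_COMMAND_LINE = 512     # command line including CRLF
MAX_PATH = 256             # forward-path including "<" and ">"
ADVISORY_LENGTH = 2270     # recipient length quoted in the advisory

RCPT_RE = re.compile(rb"^RCPT\s+TO:\s*(.*?)\s*$", re.IGNORECASE)

def check_rcpt(line: bytes):
    """Classify one raw client command line as pass, reject or alert."""
    match = RCPT_RE.match(line.rstrip(b"\r\n"))
    if match is None:
        return ("pass", "not a RCPT command")
    path = match.group(1)
    if len(path) >= ADVISORY_LENGTH:
        return ("alert", f"recipient is {len(path)} bytes, overrun-sized")
    if len(path) > MAX_PATH or len(line) > MAX_COMMAND_LINE:
        return ("reject", f"line {len(line)} bytes, recipient {len(path)} "
                          "bytes: over RFC limits")
    return ("pass", "within limits")

def scan_session(lines):
    """Return (line number, verdict, reason) for every non-passing line."""
    findings = []
    for number, line in enumerate(lines, start=1):
        verdict, reason = check_rcpt(line)
        if verdict != "pass":
            findings.append((number, verdict, reason))
    return findings

# Constructed sample session (hypothetical addresses, filler bytes only).
SAMPLE_SESSION = [
    b"HELO example.org\r\n",
    b"MAIL FROM:<example@example.org>\r\n",
    b"rcpt to:<user@example.org>\r\n",
    b"RCPT TO:<" + b"a" * 300 + b"@example.org>\r\n",
    b"RCPT TO:<" + b"A" * 2300 + b"@example.org>\r\n",
]

if __name__ == "__main__":
    for number, verdict, reason in scan_session(SAMPLE_SESSION):
        print(f"line {number}: {verdict}: {reason}")
```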