COMMAND

    Deerfield Communications MDaemon Mail Server

SYSTEMS AFFECTED

    Deerfield Communications MDaemon Mail Server

PROBLEM

    Cassius found  following.   Deerfield Communications  (the Wingate
    perpetrators) MDaemon POP server is vulnerable to bigass usernames
    causing a DoS.  MDaemon is a mail server package for 95,98,NT  and
    Win2k.  Many  systems that run  Deerfield's World Client  web-mail
    also  use  MDaemon.   Exploit  tested  on Win2kpro running MDaemon
    3.0.3

        telnet example.com 110
        +OK example.com POP service ready [1] using MDaemon v3.0.3 R
        user ................(x256 more or less but 256 does the trick)
        pass b00m!

    This kills  MDaemon and  all of  it's servers  (POP3, IMAP,  SMTP)
    Nothing is logged.  Event  viewer says the service has  terminated
    unexpectedly.  With  proper research an  overflow attack might  be
    possible.

SOLUTION

    MDaeomon  fixed  this  problem  in  their  mail server.  There are
    patches and new complete installation archives which address  this
    problem here:

        ftp://ftp.altn.com/MDaemon/Release/