COMMAND

    NTMail

SYSTEMS AFFECTED

    NTMail V5 and V6 Alpha and Intel Processor

PROBLEM

    Following  is  based  on  Advisorz  VIGILANTE-2000008.   The   web
    configuration running on TCP  port 8000 does not  flush incomplete
    HTTP requests, and thus  it is possible to  use up all the  server
    ressources within a very short time.  During testing the CPU usage
    stayed around 90-99% and within 2 minutes the www.exe service  had
    consumed more than 250MB of memory.  An attack might result in the
    service crashing, when the system hits the maximum pagefile size.

SOLUTION

    Fix:

        - NTMail V5 Alpha Processor fix URL: ftp://ftp.gordano.com/ntmail5/hotfixes/ntmail5g_alpha_20000830.zip
        - NTMail V5 Intel Processor fix URL: ftp://ftp.gordano.com/ntmail5/hotfixes/ntmail5g_intel_20000830.zip
        - NTMail V6 Alpha Processor fix URL: ftp://ftp.gordano.com/ntmail6/hotfixes/ntmail6_alpha_20000830.zip
        - NTMail V6 Intel Processor fix URL: ftp://ftp.gordano.com/ntmail6/hotfixes/ntmail6_intel_20000830.zip