COMMAND

    NTMail

SYSTEMS AFFECTED

    NTMail V6.0.3c for Windows NT/2000

PROBLEM

    The following is based on Defcom Labs Advisory def-2001-13 by Peter
    Grundl. NTMail's web services contain a flaw that could allow a
    malicious attacker to crash the web services using a malformed
    URL.

    It appears that while fixing another URL-related problem, Gordano
    accidentally introduced a new one. The web services on TCP ports
    8000 and 9000 are both vulnerable to a "LongURL attack". That
    means that a request larger than 255 characters will crash the
    service.

    A crash will take down the services listening on TCP ports 8000
    (NTMail configuration), 8025, 8080, 8888 and 9000 (GLWebMail).
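
    A log check for the condition described above, as an added example
    that is not part of the original advisory. The log line format and
    all sample records are constructed assumptions, and the 255-character
    limit is applied to the request URL.

```python
import re

# Ports the advisory names as vulnerable to the long-URL crash.
VULNERABLE_PORTS = {8000, 9000}
# The advisory states that a request larger than 255 characters crashes the service.
MAX_URL_LEN = 255

# Assumed (constructed) log format, e.g. from a proxy or sensor in front of NTMail:
#   <time> <src_ip> -> <dst_ip>:<dst_port> "<request line>"
LINE_RE = re.compile(
    r'^(?P<ts>\S+) (?P<src>\S+) -> (?P<dst>[^\s:]+):(?P<port>\d+) "(?P<req>.*)"$'
)

def find_long_url_requests(lines):
    """Return one finding per request to a vulnerable port whose URL exceeds MAX_URL_LEN."""
    findings = []
    for lineno, line in enumerate(lines, 1):
        m = LINE_RE.match(line.rstrip("\n"))
        if not m:
            continue  # not in the assumed format
        port = int(m["port"])
        if port not in VULNERABLE_PORTS:
            continue
        # Request line is "METHOD target [HTTP/x.y]"; a malformed one may lack the version.
        parts = m["req"].split(" ")
        target = parts[1] if len(parts) >= 2 else parts[0]
        if len(target) > MAX_URL_LEN:
            findings.append({"line": lineno, "time": m["ts"], "src": m["src"],
                             "port": port, "url_len": len(target)})
    return findings

# Constructed sample records (documentation address ranges, made-up timestamps).
SAMPLE_LOG = [
    '2001-03-20T10:00:01 192.0.2.10 -> 198.51.100.5:8000 "GET /index.html HTTP/1.0"',
    '2001-03-20T10:00:07 192.0.2.44 -> 198.51.100.5:9000 "GET /' + "A" * 300 + ' HTTP/1.0"',
    '2001-03-20T10:00:09 192.0.2.44 -> 198.51.100.5:80 "GET /' + "A" * 300 + ' HTTP/1.0"',
    '2001-03-20T10:00:12 192.0.2.71 -> 198.51.100.5:8000 "GET /' + "B" * 254 + ' HTTP/1.0"',
    '2001-03-20T10:00:15 192.0.2.71 -> 198.51.100.5:8000 "GET /' + "B" * 255 + '"',
]

if __name__ == "__main__":
    for f in find_long_url_requests(SAMPLE_LOG):
        print(f"line {f['line']}: {f['src']} -> port {f['port']}, URL length {f['url_len']}")
```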

SOLUTION

    Install the patch located at:

        ftp://ftp.gordano.com/ntmail6/hotfixes/ntmail6C_Intel_20010317.zip