Reported September 25, 2000 by Delphis Consulting

VERSIONS AFFECTED
  • Eserv 2.92 Build 2982

DESCRIPTION

A denial of service attack has been discovered in Eserv 2.92 when running under Windows 2000 (SP1) and Windows NT 4.0 (SP5).  It is possible for a remote attacker to cause Eserv to consume 99% of CPU resources then eventually crash.

DEMONSTRATION

A malicious attacker could Telnet to port 25, the listening port for Eserv SMTP server and send 8.4K of data after the HELO and MAIL FROM: SMTP commands.  For example;

HELO (A x 8.4K)
MAIL FROM: test@ (A x 8.4K).com
RCPT TO: 
DATA 
.

This will cause CPU utilization to reach 99% and the EServ service will eventually crash.

VENDOR RESPONSE

According to Delphis Consulting, there has been no vendor response or solution provided to this problem.  Windows IT Security has also attempted to contact the vendor and will post the response here.

CREDIT
Discovered by Delphis Consulting