Vintra Mail Server Saturates CPU
Reported July 20, 1998 by Vytis Fedaravicius on BugTraq and NTBugTraq

VERSIONS AFFECTED

  • Vintra MailServer
  • Windows NT

DESCRIPTION

There is a bug in a free MailServer software for Windows NT from Vintra systems (www.vintra.com/mailsrvr.html) Any remote user can cause the mail transport (MTA) to use 99% CPU.

DEMONSTRATION

Telnet to 25 port, send "helo yourhostname", then "mail from: somebody", then "rcpt to: anyone" commands, and instead of data command next, send "expn *@" and the software begins its infinite loop.

SOLUTION

Disable the "expn" command by editing sendmail.cf, adding the folowing line:

PrivacyOptions=needmailhelo, noexpn

Restart the mail server once this line has been added to the config.

VENDOR RESPONSE

Vintra has been informed. Stay tuned for their response.

To learn more about NT Security concerns, subscribe to NTSD

Credits
- Originally reported by Vytis Fedaravicius

Posted on The NT Shop on July 21, 1998