Reported September 11, 2000 by Delphis Consulting

VERSIONS AFFECTED
  • PPPindia netMailshare

DESCRIPTION

An attacker, by sending a long string of data as the remote host name while conversing with the SMTP server, could consume all available CPU cycles.

DEMONSTRATION

This vulnerability was discovered by Delphis Consulting and no demonstration code or URL was provided. 

Once more information becomes available it will be added.

VENDOR RESPONSE

According to Delphis Consulting, there has been no vendor response or solution provided to this problem. The vendor replied to Windows IT Security emails thanking us for reminding them and ensures us that a patch will be worked on in the near future.

CREDIT
Discovered by Delphis Consulting