Network Associates WebShield SMTP Invalid Outgoing Recipient Field DoS Vulnerability

Bugtraq ID:	1999
Class:	Failure to Handle Exceptional Conditions
CVE:	CVE-2000-1129
Remote:	No
Local:	Yes
Published:	Nov 23 2000 12:00AM
Updated:	Jul 11 2009 03:56AM
Credit:	Posted to Bugtraq on November 23, 2000 by Jari Helenius <[email protected]>.
Vulnerable:	Network Associates WebShield SMTP 4.5 - Microsoft Windows 2000 Professional - Microsoft Windows NT 4.0
Not Vulnerable:

Network Associates WebShield SMTP Invalid Outgoing Recipient Field DoS Vulnerability

Network Associates WebShield SMTP is an email virus scanner designed for internet gateways.

In the event that WebShield SMTP receives an outgoing email containing six "%20" followed by any character within the recipient field, the application will crash, resulting in an access violation error upon processing of the email. Restarting WebShield SMTP is required in order to regain normal functionality. It has been unverified as to whether or not arbitrary code can be executed on the target system if specially crafted code is inserted into the buffer.

Network Associates WebShield SMTP Invalid Outgoing Recipient Field DoS Vulnerability

recipient@f%20f%20f%20f%20f%20f%20f

Network Associates WebShield SMTP Invalid Outgoing Recipient Field DoS Vulnerability

References:

• WebShield SMTP Product Home Page (Network Associates Inc.)