
Title: Possible DoS on MDConfig
Released by: Mohamed Riyad
Date: 19th December 2000
MDaemon mail server for Windows comes with a utility called MDConfig, used
to remotely administer an MDaemon server.

To establish an MDConfig connection to an MDaemon server, an administrator
must enable the MDConfig server on the server machine. The connection is
established on a predefined TCP port, 3002 by default. The connection
procedure is similar to the following:

--> telnet servernameORipaddress 3002
+OK domainname MDCONFIG interface ready

-ERR MDConfig v3.5.0 required   (we identify the server version here, connection closed)

Try to connect again:

--> telnet servernameORipaddress 3002
+OK domainname MDCONFIG interface ready
--> VERS MDConfig v3.5.0 {ENTER}
+OK MDConfig v3.5.0 acceptable  (Connection established)
--> USER anyname
+OK  got it

Here, just wait without giving any password. The server will wait until
either the correct password is entered or the inactivity timeout period
(possibly 10 minutes) expires. During this period you can press ENTER to
avoid the timeout: the inactivity timer is reset to 10 minutes and the
countdown restarts.

This is the problem, the possible DoS attack on MDConfig. Now open another
telnet session and try to connect. The connection will be refused. So a
malicious user can establish a connection and maintain the link, and any
MDaemon administrator who tries to remotely administer the server will be
refused a connection.

Isn't it a bit annoying, and something Alt-N must take care of?


Sri Lanka
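
One way to close the gap described above, as an added example that is not part of the original advisory and is not MDaemon's code: a clock-driven model of the listener in which an unauthenticated session faces a fixed login deadline and never occupies the single admin slot. `LOGIN_DEADLINE`, `MAX_PREAUTH` and all class and function names are assumptions made for illustration.

```python
from dataclasses import dataclass

IDLE_TIMEOUT = 600    # seconds; the advisory's "possibly 10 minutes"
LOGIN_DEADLINE = 30   # assumed: seconds allowed between connect and login
MAX_PREAUTH = 4       # assumed: cap on concurrent unauthenticated sessions

@dataclass
class Session:
    connected_at: float
    last_input: float
    authenticated: bool = False

class AdminListener:
    """Timing and slot policy only: no sockets, the caller supplies the clock."""
    def __init__(self, hardened):
        self.hardened, self.sessions = hardened, []

    def _expired(self, s, now):
        # Hardened adds a pre-auth deadline that client input cannot push back.
        late_login = not s.authenticated and now - s.connected_at >= LOGIN_DEADLINE
        return now - s.last_input >= IDLE_TIMEOUT or (self.hardened and late_login)

    def connect(self, now):
        # Returns a new Session, or None when the connection is refused.
        self.sessions = [s for s in self.sessions if not self._expired(s, now)]
        preauth = sum(not s.authenticated for s in self.sessions)
        # Weak: any open session blocks everyone. Hardened: pre-auth is only capped.
        refused = preauth >= MAX_PREAUTH if self.hardened else bool(self.sessions)
        if refused:
            return None
        self.sessions.append(Session(now, now))
        return self.sessions[-1]

    def client_input(self, session, now):
        session.last_input = now  # any line, even a bare ENTER, resets idle time

    def authenticate(self, session):
        """Claim the single admin slot; fails while another admin holds it."""
        taken = any(s.authenticated for s in self.sessions if s is not session)
        session.authenticated = not taken
        return session.authenticated

def admin_can_log_in(hardened, keepalive_every=300, admin_arrives=3600):
    """Constructed scenario: a pre-auth session is kept alive, then an admin logs in."""
    listener = AdminListener(hardened)
    holder = listener.connect(0)
    for t in range(keepalive_every, admin_arrives, keepalive_every):
        listener.client_input(holder, t)
    admin = listener.connect(admin_arrives)
    return admin is not None and listener.authenticate(admin)
```

With `hardened=False` the model reproduces the refusal described in the advisory; with `hardened=True` the administrator gets in whether the idle session is seconds or an hour old.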
