Multiple vulnerabilities in JanaServer

by Nikola Strahija on July 26th, 2002

JanaServer is Internet gateway software for the Windows platform that can act as an HTTP/FTP/NEWS/SNTP server, a SOCKS4/SOCKS5/HTTP/FTP/TELNET/Real Audio proxy, an e-mail gateway and a port mapper. JanaServer up to 1.46 was freeware; JanaServer 2.0 and above is shareware. It is intensively used in SOHO networks. On NT platforms it runs as a service with system privileges.


II. Details:

8 vulnerabilities were identified:

1. HTTP server buffer overflow.

GET / HTTP/[buffer].0

causes an overflow in the logging component.

2. HTTP proxy buffer overflow

Same overflow in HTTP proxy server running on TCP/3128.

3. Socks5 Username/Password/Hostname signed/unsigned buffer overflow

A username, password or hostname longer than 127 characters in a SOCKS5
request causes a buffer overflow because of invalid use of a signed
variable.

4. POP3 gateway buffer overflow.

An oversized reply from the POP3 server

+OK [buffer]

causes buffer overflow in logging component.

5. SMTP gateway buffer overflow

The same overflow occurs on an oversized SMTP server response:

nnn [buffer]

6. FTP server PASV system-wide DoS

On each FTP PASV command the server allocates a TCP port without closing the
previously allocated port. This makes it possible to consume all TCP ports
available on the system.

7. POP3 username/password bruteforce

The POP3 gateway gives different diagnostics for valid and invalid usernames
and allows an unlimited number of authentication attempts. This makes it
easy to bruteforce a username/password.

8. POP3 array index overrun (JanaServer
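
The signed/unsigned length problem in item 3, as an added example that is not JanaServer's code or part of the original advisory: a one-byte length held in a signed char passes an upper-bound check for wire values above 127, while a parser for the SOCKS5 username/password request (RFC 1929) that keeps the length unsigned rejects it. `FIELD_CAP` and the function names are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define FIELD_CAP 64   /* assumed destination buffer size, not JanaServer's */

/* Bug class: the one-byte length is stored in a signed char, so wire values
 * 128..255 turn negative and slip under the upper-bound check. */
int signed_len_check_passes(unsigned char wire_len)
{
    signed char len = (signed char)wire_len;   /* 200 becomes -56 */
    return len < FIELD_CAP;
}

/* Copy one length-prefixed field; the length stays unsigned and is checked
 * against both the destination capacity and the bytes actually received. */
static int copy_field(const unsigned char *msg, size_t msg_len, size_t *off,
                      char *out, size_t cap)
{
    if (*off >= msg_len) return -1;
    size_t len = msg[(*off)++];                /* always 0..255 */
    if (len == 0 || len >= cap || len > msg_len - *off) return -1;
    memcpy(out, msg + *off, len);
    out[len] = '\0';
    *off += len;
    return 0;
}

/* Parse an RFC 1929 request: VER(0x01) ULEN UNAME PLEN PASSWD.
 * Returns 0 on success, -1 on any malformed or oversized input. */
int parse_userpass(const unsigned char *msg, size_t msg_len,
                   char *user, size_t user_cap, char *pass, size_t pass_cap)
{
    size_t off = 1;
    if (msg_len < 1 || msg[0] != 0x01) return -1;
    if (copy_field(msg, msg_len, &off, user, user_cap) != 0) return -1;
    if (copy_field(msg, msg_len, &off, pass, pass_cap) != 0) return -1;
    return off == msg_len ? 0 : -1;            /* reject trailing bytes */
}

int main(void)
{
    /* Constructed sample: ULEN byte of 200 followed by filler. */
    unsigned char msg[204];
    char user[FIELD_CAP], pass[FIELD_CAP];
    memset(msg, 'A', sizeof msg);
    msg[0] = 0x01; msg[1] = 200; msg[202] = 1;
    printf("signed check passes: %d\n", signed_len_check_passes(msg[1]));
    printf("hardened parser: %d\n",
           parse_userpass(msg, sizeof msg, user, sizeof user, pass, sizeof pass));
    return 0;
}
```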

