MediumCheck or Attack Name: Startech POP3
A vulnerability exists in the Startech POP3 proxy server that could allow a remote attacker to issue a very long argument to the USER command and overflow an internal buffer. This attack will crash the proxy service and deny further connections. It is unknown whether this overflow can be manipulated to execute arbitrary code on vulnerable hosts.
False Negative: In Internet Scanner, Windows 95 systems report a false negative. In order to cause a denial of service while running this check, click the Close button for the popup message box that appears on the scanning machine.
Download the latest version from www.startech.com.
BUGTRAQ Mailing List, Windows95 Proxy DoS Vulnerabilites, http://www.netspace.org/cgi-bin/wa?A2=ind9807A&L=bugtraq&P=R2159
