Multiple vulnerabilities have been reported to affect LANSuite 2002 possibly allowing malicious people to gain system access and users to read and delete other users' mail.

1) Malicious users may read, delete, create, or rename other users' mail and arbitrary system files. The problem is that the "FolderDir" parameter isn't properly verified allowing malicious users to supply arbitrary paths. This may be exploited when using the "ChkMsgsAction" and "DELETEFOLDER" functions and when renaming or creating folders.

2) A buffer overflow may be caused by requesting a HTTP resource with a name longer than 5000 characters.

Example:
/mail/<5000 characters>

3) Another buffer overflow may be caused by supplying a username, which is longer than 2000 characters during HTTP authentication.

4) The FTP service may be crashed by supplying a 8000 character long username.

5) The FTP service consumes 100% CPU resources if a user supplies an argument longer than 2500 characters to commands like "cwd".

6) The "dele" command may reveal previously issued commands in the error message when "NULL" input is given.

7) LANSuite may consume large amounts of CPU resources or hang if HTTP requests contain multiple "/" or if filenames matching DOS device names like "aux.html" are requested.

The vulnerabilities have been reported in LANSuite 2002.

Some of these issues still exist in LANSuite 2003:
SA9882

Solution
Use a firewall or proxy with URL filtering capabilities to filter malicious requests or upgrade to latest version of LANSuite 2003.
Further details available to Secunia VIM customers

Provided and/or discovered by
Stan Bubrouski

Other references
Further details available to Secunia VIM customers

Deep Links
Links available to Secunia VIM customers