Re: Multiples Remotes DoS Attacks in MDaemonServer v2.8.5.0Vulnerability

Subject: Re: Multiples Remotes DoS Attacks in MDaemonServer v2.8.5.0Vulnerability
From: Nobuo Miwa (n-miwaLAC.CO.JP)
Date: Wed Dec 01 1999 - 15:04:08 CST

• Next message: Ussr Labs: "Remote DoS Attack in Serv-U FTP-Server v2.5a Vulnerability"
• Previous message: Geo.: "Re: NTmail and VRFY"
• In reply to: Arvel Hathcock: "Fwd: RE: Multiples Remotes DoS Attacks in MDaemon Server v2.8.5.0 Vulnerability"
• Reply: Nobuo Miwa: "Re: Multiples Remotes DoS Attacks in MDaemonServer v2.8.5.0Vulnerability"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hi,

> Another issue related to 350 simultaneous MDConfig connections has
> recently surfaced at ASCII Japan. MDaemon can be configured to allow
> secure MDConfig connections which will prevent this problem from ever
> occurring. This can be done now, however the 11/30/99 full patch will
> contain additional coding to prevent such a problem from occuring in
> the event that the system admin has left the port wide open for anyone
> to exploit.

I can't see that patch. And besides,it is NOT affected only on MDConfig
port. I can see same problem on POP port.
So, all MDaemon 2.8.5 users should use that patch for preventing
that too much connect() DoS. Not just MDConfig port.

Nobuo Miwa

<Nobuo Miwa> n-miwalac.co.jp ( ) http://www.lac.co.jp/security/
--------------------------o00o--(. .)--o00o--------------------------

• Next message: Ussr Labs: "Remote DoS Attack in Serv-U FTP-Server v2.5a Vulnerability"
• Previous message: Geo.: "Re: NTmail and VRFY"
• In reply to: Arvel Hathcock: "Fwd: RE: Multiples Remotes DoS Attacks in MDaemon Server v2.8.5.0 Vulnerability"
• Reply: Nobuo Miwa: "Re: Multiples Remotes DoS Attacks in MDaemonServer v2.8.5.0Vulnerability"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b27 : Thu Dec 02 1999 - 12:13:26 CST