Vulnerability Development mailing list archives
DoS in SurfControl's EmailFilter
From: "Led Slinger" <leds () darkwater net>
Date: Sat, 9 Mar 2002 09:08:27 -0500
Just an FYI: I did communicate heavily with SurfControl on this before posting it here: On February 12, 2002, I contacted SurfControl concerning a denial of service condition in the EmailFilter Version 4.0. The DoS was successfully carried out on a Windows 2000 Professional SP2 box. On February 16, 2002, SurfControl confirmed the vulnerability and said that they were diligently working on a patch for the condition. I will not go into significant detail as the exploit is extremely simple. I, personally do not have the time to dig much deeper into their software. On the 28th of February, I was told by SurfControl that a patch was available and that the fix would be included in their next release. To me, it was not a HUGE vulnerability but to someone who depends on their Email system and used the EmailFilter as their sole gateway (not the best move either), it could be big trouble. A simple test: Access the EmailFilter via telnet and issue the HELO command with a parameter of 906 plus characters. The service should fold. This also works with the RCPT TO: command with an identical number pf characters. Setting up the service to restart automatically reduces the overall impact, but does not remove it completely. Just thought I'd pass this along. Cheers! Leds! -- There's nothing wrong with Windows until you install it........
Current thread:
- DoS in SurfControl's EmailFilter Led Slinger (Mar 09)