Bugtraq mailing list archives
Seattle Lab fixes security issue in SLmail
From: aleph1 () DFW NET (Aleph One)
Date: Sun, 12 Jul 1998 12:36:14 -0500
[ Denial of service? There is nothing like PR damage control. - a1 ] ---------- Forwarded message ---------- Date: Fri, 10 Jul 1998 22:54:07 GMT From: Lee Thompson <lt () seattlelab com> To: NTBUGTRAQ () LISTSERV NTBUGTRAQ COM Subject: Seattle Lab fixes security issue in SLmail -- Beta release corrects denial of service problem -- BOTHELL, WA, July 10, 1998 -- Recently a security problem was discovered = with the release versions of both SLmail 3.0 for Windows NT and SLmail 2.6 for Windows 95.= =20 Specifically, the problem is a denial of service attack, which is usually= initiated from outside the mail server site. If the MAIL FROM: line in the SMTP = envelope exceeds 256 characters, it causes a critical error in SLmail's router and causes the = SLmail.exe service to shut down. "Security is an extremely important priority to us at Seattle Lab," said = President L.A. Heberlein. "As soon as we were notified yesterday, we focused intensely= on correcting the problem, and we achieved a fix within twenty-four hours of first = hearing about it." The fix was incorporated in beta versions of SLmail 3.1 and SLmail 2.7. = Customers who would like to receive the beta versions should contact = betaadmin () seattlelab com. Please put the product serial number in the subject line. We will post the = release versions of these programs to our download site as soon as testing is completed. _ Lee Thompson lt () seattlelab com Seattle Lab Inc. http://www.seattlelab.com Product Manager
Current thread:
- ncurses 4.1 security bug Duncan Simpson (Jul 07)
- Re: ncurses 4.1 security bug Perry E. Metzger (Jul 07)
- Re: ncurses 4.1 security bug Alan Cox (Jul 08)
- Re: ncurses 4.1 security bug Perry E. Metzger (Jul 08)
- Re: ncurses 4.1 security bug Alan Cox (Jul 08)
- Re: ncurses 4.1 security bug Warner Losh (Jul 09)
- Re: ncurses 4.1 security bug David Schwartz (Jul 09)
- Re: ncurses 4.1 security bug matthew green (Jul 10)
- Re: ncurses 4.1 security bug Theo de Raadt (Jul 10)
- Re: ncurses 4.1 security bug Wietse Venema (Jul 12)
- Seattle Lab fixes security issue in SLmail Aleph One (Jul 12)
- Re: ncurses 4.1 security bug Alan Cox (Jul 08)
- Re: ncurses 4.1 security bug Perry E. Metzger (Jul 07)
- Re: ncurses 4.1 security bug David Schwartz (Jul 09)
- sshd gives out version number Tom Dyas (Jul 09)
- Re: Forwared to me Solar Designer (Jul 09)
- Remote count.cgi exploit mods _ _ (Jul 09)
- Re: Remote count.cgi exploit mods Gus (Jul 11)