Bugtraq mailing list archives
DoS in FirstClass Internet Services 5.770
From: adam.prime () UTORONTO CA (Adam Prime)
Date: Tue, 27 Jun 2000 22:35:21 -0400
We got a bizarre malformed mail from some dot com that hasn't learned about BCC yet with a 1.4 meg To: header. The mail was handled fine by Software.com's Post.Office, but when Post.Office tried to pass the mail to our FirstClass server, the FirstClass Internet Services process would hang.

I wrote a Perl script to send other emails with gigantic headers, but I was unable to reproduce the problem with just large headers (though it did bring the system to a crawl, and eventually cause strange things to happen). The original email puts the Internet Services process into "Not responding" after only 30 seconds or so.

A demonstration Perl script which will crash FCIS Internet Services is available at http://doot.dyndns.org/fcdos.tar.gz . Though be warned, it is 100 k or so because it contains a sanitized version of the original email that we received (addresses obfuscated).

Emails to the vendor were not returned or acknowledged.

Adam
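A relay sitting in front of a mail server like the one described above can refuse messages with oversized headers before handing them on. The following is an added example, not part of the original post or of either product; the limits and the sample messages are assumed values constructed for illustration.

```python
# Added example: pre-delivery header size check. All limits are assumptions.
MAX_HEADER_BYTES = 64 * 1024          # per header, after unfolding
MAX_TOTAL_HEADER_BYTES = 256 * 1024   # whole header block
MAX_ADDRESSES = 500                   # per address header
ADDRESS_HEADERS = {"to", "cc", "bcc"}


def split_headers(raw: bytes):
    """Yield (name, unfolded_value) for each header of a raw RFC 822 message."""
    block = raw.replace(b"\r\n", b"\n").split(b"\n\n", 1)[0]
    name, value = None, b""
    for line in block.split(b"\n"):
        if line[:1] in (b" ", b"\t") and name is not None:
            value += b" " + line.strip()   # folded continuation line
            continue
        if name is not None:
            yield name, value
        name, sep, rest = line.partition(b":")
        if not sep:                        # not a header line: ignore it
            name = None
            continue
        name = name.strip().lower().decode("ascii", "replace")
        value = rest.strip()
    if name is not None:
        yield name, value


def check_headers(raw: bytes):
    """Return the reasons to refuse the message; an empty list means accept."""
    reasons, total = [], 0
    for name, value in split_headers(raw):
        total += len(name) + len(value)
        if len(value) > MAX_HEADER_BYTES:
            reasons.append(f"{name}: {len(value)} bytes exceeds per-header limit")
        if name in ADDRESS_HEADERS and value.count(b"@") > MAX_ADDRESSES:
            reasons.append(f"{name}: more than {MAX_ADDRESSES} addresses")
    if total > MAX_TOTAL_HEADER_BYTES:
        reasons.append(f"header block of {total} bytes exceeds total limit")
    return reasons


# Constructed samples: a folded To: header of roughly 1.4 MB, and a normal one.
_addrs = [b"user%d@example.invalid" % i for i in range(52000)]
SAMPLE_BIG = (b"From: sender@example.invalid\r\nTo: "
              + b",\r\n\t".join(_addrs) + b"\r\nSubject: test\r\n\r\nbody\r\n")
SAMPLE_OK = b"From: a@example.invalid\r\nTo: b@example.invalid\r\n\r\nhi\r\n"
```

The check covers header size and recipient count only; the message above reports that large headers alone did not reproduce the hang, so it limits exposure to mail shaped like the original rather than addressing the underlying fault.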