Bugtraq mailing list archives
Re: WebShield SMTP infinite loop DoS Attack
From: Scott Perry <scott.perry () kewill com>
Date: Fri, 8 Sep 2000 17:09:13 -0400
The issue listed in the Bugtrack notification with DoS CAN ONLY be reproduced if the following obscure criteria has been met: ~
2) The "Direct Send" option has been enabled...
That's the only way we were able to get our machine to send mail!
3) DNS has been enabled with a MX record resolving both "mydomain.com" & "mydomain.com." (trailing period)
FYI, the MX records for "nai.com" and "nai.com." both are the same (try "nslookup -type=MX nai.com" and "nslookup -type=MX nai.com." to check for yourself). This is the same for EVERY domain; it's not obscure.
In the unlikely event that all three criteria do occur then the problem may be worked around by adding "mydomain.com." (trailing period) entry into the "Direct Send" listing In WebShield thereby allowing resolution of mail.
Yes, I came up with that idea before reporting this security hole. It was mentioned in my original post, that you quoted. -Scott
Current thread:
- Re: WebShield SMTP infinite loop DoS Attack Ash Hamid (Sep 07)
- Re: WebShield SMTP infinite loop DoS Attack Gaspar, Carson (Sep 07)
- <Possible follow-ups>
- Re: WebShield SMTP infinite loop DoS Attack Scott Perry (Sep 12)