Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: WebShield SMTP infinite loop DoS Attack

From: Scott Perry <scott.perry () kewill com>
Date: Fri, 8 Sep 2000 17:09:13 -0400
The issue listed in the Bugtrack notification with DoS
CAN ONLY be reproduced if the following obscure
criteria has been met: ~



2) The "Direct Send" option has been enabled...


That's the only way we were able to get our machine to send mail!


3) DNS has been enabled with a MX record resolving
both "mydomain.com" & "mydomain.com." (trailing period)


FYI, the MX records for "nai.com" and "nai.com." both are the same (try "nslookup -type=MX nai.com" and "nslookup 
-type=MX nai.com." to check for yourself).  This is the same for EVERY domain; it's not obscure.


In the unlikely event that all three criteria do occur
then the problem may be worked around by adding
"mydomain.com." (trailing period) entry into the
"Direct Send" listing In WebShield thereby allowing
resolution of mail.


Yes, I came up with that idea before reporting this security hole.  It was mentioned in my original post, that you 
quoted.
                          -Scott
Previous By Date Next
Previous By Thread Next

Current thread: