Home page logo

bugtraq logo Bugtraq mailing list archives

Re: WebShield SMTP infinite loop DoS Attack
From: Scott Perry <scott.perry () kewill com>
Date: Fri, 8 Sep 2000 17:09:13 -0400

The issue listed in the Bugtrack notification with DoS
CAN ONLY be reproduced if the following obscure
criteria has been met: ~

2) The "Direct Send" option has been enabled...

That's the only way we were able to get our machine to send mail!

3) DNS has been enabled with a MX record resolving
both "mydomain.com" & "mydomain.com." (trailing period)

FYI, the MX records for "nai.com" and "nai.com." both are the same (try "nslookup -type=MX nai.com" and "nslookup 
-type=MX nai.com." to check for yourself).  This is the same for EVERY domain; it's not obscure.

In the unlikely event that all three criteria do occur
then the problem may be worked around by adding
"mydomain.com." (trailing period) entry into the
"Direct Send" listing In WebShield thereby allowing
resolution of mail.

Yes, I came up with that idea before reporting this security hole.  It was mentioned in my original post, that you 

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]