Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: WARNING! SMTP Denial of Service in SLmail ver 3.1

From: slmail () SEATTLELAB COM (Seattle Lab Technical Support)
Date: Tue, 22 Sep 1998 21:02:46 GMT

This bug has been noted and is currently being worked on by the
Seattle Lab software engineers.  Seattle Lab expects to have a fix
available soon.

Regards,
=======================
  Steve Hord                  URL  http://www.seattlelab.com

  Documentation                     Ordering  (425) 402-6003

  Seattle Lab Inc.                    Support (425) 481-7619
  Bothell, WA (USA)                       Fax (425) 486-2766

======================

On 9/22/98 13:28:00 you wrote:

Dear All,

The SLMail's smtp service (slsmtp.exe) is susceptible to a denial of
service attack, whereby a remote attacker can telnet to port 25 and
then
issue any of the following commands, which will set the slsmtp.exe
process
running at 100%.

send (
vrfy (
expn (
mail from: (
rcpt to: (

slsmtp.exe obviously doesn't like left brackets.

After 30 mins without the high processor usage abating, I had to stop
and
restart the service. While the process was in this state, although I
could
telnet to port 25 and connect, I received no response from the smtp
service. This attack is more likely to occur than the POP3 DoS due to
the
fact that if the mail server is accessible from the Internet then this
can
be launched by anyone from anywhere.

As to a fix - I still haven't heard anything from Seattlelab about a
patch.
I have
tried tweaking the registry but can't find a workaround there. Any
ideas
anyone?



Cheers,
Mnemonix
http://www.infowar.co.uk/mnemonix
http://www.diligence.co.uk
Previous By Date Next
Previous By Thread Next

Current thread: