[10435] in bugtraq
AS/400
daemon@ATHENA.MIT.EDU (Joachim Larsson)
Tue May 4 20:05:44 1999
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
Message-Id: <372E995A.E7A1EAB3@cyberdude.com>
Date: Tue, 4 May 1999 08:53:14 +0200
Reply-To: joachim.larsson@sigma.se
From: Joachim Larsson <joachim.larsson@SIGMA.SE>
To: BUGTRAQ@NETSPACE.ORG
Hello all.
I played around with smtp on a as/400+domino machine and found two
obvious bugs, then notified IBM, revieved a ptf, then posted here.
1: telnet (host) 25, then start feeding chars. After about 200-300
chars the smtp-subsystem will die, needing to be restarted.
2: change your replyto-address and fromaddress to an non-existing
user/domain then mail to an non-existing user on the 400/domino. This
will cause the mail to loop endlessly between the smtp-subsystem and the
domino subsystem.
This is for general knowledge only, trying to "force" people with
400/domino to react and secure their machines.
Sincerely,
---
(put your favourite signature here)
