[11678] in bugtraq

home help back first fref pref prev next nref lref last post

Re: I found this today and iam reporting it to you first!!! (fwd)

daemon@ATHENA.MIT.EDU (blue0ne)
Fri Sep 3 22:16:44 1999

Mime-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Message-Id:  <006b01bef54d$8d298cf0$0e07090a@cobalt>
Date:         Thu, 2 Sep 1999 10:15:03 -0400
Reply-To: blue0ne <coolwhipie@EROLS.COM>
From: blue0ne <coolwhipie@EROLS.COM>
X-To:         BUGTRAQ@SECURITYFOCUS.COM
To: BUGTRAQ@SECURITYFOCUS.COM

There was a similar problem with SMAP on Gauntlet Firewalls a couple of
years back.  Only in that instance, it would eventually fill up the
filesystem with logs, and the proxy service would fail.

blue0ne

-----Original Message-----
From: Alfred Huger <ah@SECURITYFOCUS.COM>
To: BUGTRAQ@SECURITYFOCUS.COM <BUGTRAQ@SECURITYFOCUS.COM>
Date: Thursday, September 02, 1999 3:35 AM
Subject: I found this today and iam reporting it to you first!!! (fwd)


>---------- Forwarded message ----------
>Date: Mon, 30 Aug 1999 21:08:14 +0200
>From: Hakan Franzen <fableman@hem.passagen.se>
>To: vuldb@securityfocus.com
>Subject: I found this today and iam reporting it to you first!!!
>
>Target: TFS mail system 4 (i think its working on earlier version aswell)
(TFS just got some award about there security about emails)
>Company makes the product:   www.tenfour.se
>OS: win95 98 nt
>Reported by: FableMan Noxidus a member of #HACK on IRCNet
>a DoS routine:  Makes a FAST loop generating loooots of emails until its
forced to stop by admin.
>
>what i did is:  TELNET TARGETSYSTEMRUNNING.TFS.MAIL.GATE.XXX 25
>typing HELO
>typing MAIL FROM:FABLEMAN NOXIDUS
>RCPT TO:FIXYOUR SYSTEM.@TARGETSYSTEMRUNNING.TFS.MAIL.GATE.XXX
>DATA
>Fix you system
>Error found by FableMan Noxidus a #HACK member of IRCNet
>.
>QUIT
>
>
>Thats all  now the system tries to send to FIXYOUR
SYSTEM.@TARGETSYSTEMRUNNING.TFS.MAIL.GATE.XXX
>but that address is wrong soo then it generates a reporterror and mails to
FABLEMAN NOXIDUS but cos i havent included a @ then i will not go out on
internet
>then the loops starts.. its generating a reporterror and the loop is a
truh..
>
>I found it when i was playing around with a TFS mail gate system..
>
>The speed of error report generation is about 1 or more email /sec soo if
you start the loop and after 1 hr its a loot of email generated...
>until windows or NT hangs cos of it
home help back first fref pref prev next nref lref last post