[6333] in bugtraq


Re: SLMail 2.6 DoS - Imail also

daemon@ATHENA.MIT.EDU (Mark Symons)
Wed Mar 18 15:37:24 1998

Date: 	Tue, 17 Mar 1998 22:28:12 +0200
Reply-To: mark.symons@za.eds.com
From: Mark Symons <mark.symons@ZA.EDS.COM>
To: BUGTRAQ@NETSPACE.ORG

There have recently been a couple of messages concerning DoS attacks on
NT-based SLMail and IMail SMTP servers.  At the end of January, a
similar report was made concerning IMail's POP3 server.

Jon[SMTP:steven@EFNI.COM] wrote:

>  A long string of text after a command makes
> the program (SLMail) crash.

(Snip)

>  It will stay unresponsive until manually restarted.

(Snip)

>  Out of boredom, I tried another smtp daemon for Windows,
> IMail (I tried 4.03) by IPSwitch (www.ipswitch.com). Which
> crashed the same way. Pretty strange, I've only tried two
> Windows NT smtp daemons, and both crashed the same way...

I cannot comment on SLMail, but John Junod (author of IMail) says the
following:

# That "bug" by the way, doesn't cause IMail any problems.
# It only causes the "hacker" a problem since IMail won't
# release the connection and won't accept any more input
# from them until they drop the connection and reconnect.
# It does not affect any other sessions to the SMTP server.
# The session does drop cleanly freeing all resources as
# designed either when the "hacker" breaks the connection
# or when the timeout occurs, whichever occurs first.


Mark Symons
EDS Africa
mark.symons@za.eds.com
