[16689] in bugtraq
Re: WebShield SMTP infinite loop DoS Attack
daemon@ATHENA.MIT.EDU (Scott Perry)
Mon Sep 11 02:14:02 2000
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Message-Id: <200009081709.AA17367696@kewill.com>
Date: Fri, 8 Sep 2000 17:09:13 -0400
Reply-To: scott.perry@kewill.com
From: Scott Perry <scott.perry@KEWILL.COM>
To: BUGTRAQ@SECURITYFOCUS.COM
> The issue listed in the Bugtrack notification with DoS
> CAN ONLY be reproduced if the following obscure
> criteria has been met: ~
> 2) The "Direct Send" option has been enabled...
That's the only way we were able to get our machine to send mail!
> 3) DNS has been enabled with a MX record resolving
> both "mydomain.com" & "mydomain.com." (trailing period)
FYI, the MX records for "nai.com" and "nai.com." both are the same (try "nslookup -type=MX nai.com" and "nslookup -type=MX nai.com." to check for yourself). This is the same for EVERY domain; it's not obscure.
> In the unlikely event that all three criteria do occur
> then the problem may be worked around by adding
> "mydomain.com." (trailing period) entry into the
> "Direct Send" listing In WebShield thereby allowing
> resolution of mail.
Yes, I came up with that idea before reporting this security hole. It was mentioned in my original post, that you quoted.
-Scott
