[Raw Msg Headers][Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Possible denial of service exploit

To: "'zmailer@nic.funet.fi'" <zmailer@nic.funet.fi>
Subject: Possible denial of service exploit
From: Tai Samuel S PRC 61CS/SCBN 833-1648 <Samuel.Tai@LOSANGELES.AF.MIL>
Date: Fri, 6 Mar 1998 09:53:32 -0800

Version: ZMailer 2.99.49p9, compiled with gcc and bundled libresolv,
using system malloc	
Platform: Sun SparcStation 20 running Solaris 2.5
Synopsis:

smtpserver receives mail from a non-RFC822-compliant SMTP gateway that
rewrites addresses as follows:

To: <user@mydomain> becomes
To: <"SMTP@gateway-name@Servers[<user@mydomain>]"@remote-domain>

When the router tries to process this message, it consumes all swap
space and pegs the uptime at 10; the hardware hangs afterwards.

Needless to say, the only work-around I've found is to create a policy
that states "rejectsource +" or "freezesource +" to the offending
remote-domain.

Follow-Ups:
- Re: Possible denial of service exploit
  - From: Alexis Yushin <alexis@NL.net> (Fri, 6 Mar 1998 21:58:52 +0200)

Prev by Date: Unsubscribe?
Next by Date: Re: Possible denial of service exploit
Prev by thread: Re: Unsubscribe?
Next by thread: Re: Possible denial of service exploit
Index(es):
- Date
- Thread