Ed,
DoS means Denial of Service.
What is meant is that someone can deny service to all others by 'hitting'
the server with a trick.

Here is the trick:
Let's say I want to render someone's IMail server useless for a few days.
All I have to do is use Eudora 4.3 and set it to log in to the IMail server.

As this SINGLE function locks the entire AUTH service, no other user can
send mail via that IMail server until I decide to stop my Eudora login.

Let's say I don't want to stop my Eudora login for a few days... = DoS

Anthony Santen

----- Original Message -----
From: "Ed Taylor " <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Tuesday, April 11, 2000 4:42 PM
Subject: RE: [IMail Forum] DoS vulnerability on Imail 5.x/6.x


> Have you been on Venus? j/k :-)
>
> It is listed on SecurityFocus.com even. It is a known issue... and it
> needs fixing.
>
> BTW, SMTP has not been updated since 6.0 so you are running 6.0, not 6.3...
> and the problem does exist.
>
> Thank you!
>
> --
> Ed Taylor
>
> ---------- Original Message ----------------------------------
> From: "R. Scott Perry" <[EMAIL PROTECTED]>
> Reply-To: [EMAIL PROTECTED]
> Date: Tue, 11 Apr 2000 11:42:06 -0400
>
> > Still no word on a fix? With all these IPSwitch people answering the
> > small/easy questions why isn't the BIG one being resolved or even
> > acknowledged?
>
> How about explaining where the DoS possibility lies?
>
> I have been following this for a while now.  I can see where IMail breaks
> the RFC (it doesn't send a CRLF in its response to AUTH CRAM-MD5).  But how
> does this relate to a DoS attack?
>
> The URL you list states that the problem is that when one user is "stuck" in
> this state, nobody else can access the SMTP server.  But, using 6.03, I
> tested this, and cannot reproduce it.  I telnet in with one session, enter
> AUTH CRAM-MD5, and get the expected erroneous result (no CRLF).  But, while
> leaving that telnet session open, I can start another which works fine.  I
> cannot get it to lock up.
>
> Either the problem has been fixed in 6.03, or it is not being described well
> enough.
>                                -Scott
>
> Please visit http://www.ipswitch.com/support/mailing-lists.html
> to be removed from this list.
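The AUTH CRAM-MD5 exchange Scott describes above, written out as an added example (it is not code from the thread or from IMail): the server's 334 challenge reply must be CRLF-terminated, and a client-side parser that enforces that framing is the check that surfaces the behaviour he observed. The user store, nonce and credentials below are constructed for the demo.

```python
import base64
import hashlib
import hmac

# Constructed demo credential store; a real server looks the shared secret up per user.
USERS = {"alice": b"correct horse battery staple"}


def make_challenge_line(nonce: bytes) -> bytes:
    """Server reply to AUTH CRAM-MD5: '334 ' + base64(challenge), terminated by CRLF.
    A reply without the CRLF is the RFC framing violation discussed in the thread."""
    return b"334 " + base64.b64encode(nonce) + b"\r\n"


def parse_challenge_line(line: bytes) -> bytes:
    """Client-side parse of the 334 line; rejects a reply that is not CRLF-terminated."""
    if not line.endswith(b"\r\n"):
        raise ValueError("334 reply not terminated by CRLF")
    code, _, payload = line[:-2].partition(b" ")
    if code != b"334":
        raise ValueError("unexpected reply code %r" % code)
    return base64.b64decode(payload, validate=True)


def client_response(username: str, secret: bytes, challenge: bytes) -> bytes:
    """CRAM-MD5 client reply (RFC 2195): base64('<user> <hex HMAC-MD5(secret, challenge)>') CRLF."""
    digest = hmac.new(secret, challenge, hashlib.md5).hexdigest()
    return base64.b64encode(("%s %s" % (username, digest)).encode()) + b"\r\n"


def verify_response(challenge: bytes, response_line: bytes) -> bool:
    """Server-side check of the client reply, with a constant-time digest comparison."""
    try:
        decoded = base64.b64decode(response_line.rstrip(b"\r\n"), validate=True).decode()
        username, digest = decoded.split(" ", 1)
    except (ValueError, UnicodeDecodeError):
        return False
    secret = USERS.get(username)
    if secret is None:
        return False
    expected = hmac.new(secret, challenge, hashlib.md5).hexdigest()
    return hmac.compare_digest(expected, digest)


def run_exchange(username: str, secret: bytes,
                 nonce: bytes = b"<1896.697170952@postoffice.example>") -> bool:
    """Full offline exchange with a constructed nonce: challenge, client reply, verification."""
    challenge = parse_challenge_line(make_challenge_line(nonce))
    return verify_response(challenge, client_response(username, secret, challenge))
```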