Peter Cavender <[EMAIL PROTECTED]> writes:

> What is this qmail version 2.0 that securityfocus.com claims there is an
> exploit for?  Am I missing something, or are they?
> 
> Being that I have better things to do than to try to screw up my mail
> server, has anyone tried this claimed exploit?  What really happens?

It depends upon how you run qmail-smtpd.  There are several variables.

If you run qmail-smtpd directly from inetd.conf, as suggested in the
INSTALL file distributed with qmail-1.03, then there is a pretty good
chance that the instance of qmail-smtpd being attacked will grow to
eat all of memory.  What happens then depends upon your OS.  On
GNU/Linux, a random process will be killed; there is a pretty good
chance that the random process will be the large qmail-smtpd.
Alternatively, a careful attacker who really understands your system
can create several fairly large qmail-smtpd processes and
significantly increase the chance that the random process which is
killed will be something other than qmail-smtpd.  In this scenario
this attack can indeed be a denial of service.

If you run qmail-smtpd as suggested in Life With Qmail, then you are
not vulnerable to this attack, because qmail-smtpd is run under the
softlimit program to limit the amount of memory it will allocate.
(This does not affect the size of the mail messages it can accept, as
qmail-smtpd does not store mail messages in memory.)

Ian
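
Added example, not part of the original message and not code from qmail or daemontools: a small C program showing the effect the reply attributes to softlimit, using setrlimit(RLIMIT_AS) as the per-process memory limit. The function name, the 32 MiB limit and the 96 MiB cap are assumptions chosen for the demonstration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/resource.h>
#include <sys/wait.h>

#define CHUNK ((size_t)1 << 20)   /* grow in 1 MiB steps */

/* Fork a child that keeps allocating until malloc fails or `cap` is reached.
 * If limit != 0 the child first lowers its own address-space limit, as a
 * wrapper would before exec. Returns bytes allocated, or -1 on error. */
long grow_under_limit(size_t limit, size_t cap)
{
    int fds[2];
    long got = 0;
    if (pipe(fds) != 0) return -1;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        close(fds[0]);
        if (limit) {
            struct rlimit rl = { limit, limit };
            if (setrlimit(RLIMIT_AS, &rl) != 0) _exit(2);
        }
        /* One byte per block is touched, so physical memory use stays small. */
        while ((size_t)got < cap) {
            volatile char *p = malloc(CHUNK);
            if (!p) break;            /* the limit stopped further growth */
            p[0] = 1;
            got += CHUNK;
        }
        if (write(fds[1], &got, sizeof got) != sizeof got) _exit(3);
        _exit(0);
    }
    close(fds[1]);
    int status = 0;
    ssize_t n = read(fds[0], &got, sizeof got);
    close(fds[0]);
    waitpid(pid, &status, 0);
    if (n != sizeof got || !WIFEXITED(status) || WEXITSTATUS(status) != 0)
        return -1;
    return got;
}

int main(void)
{
    printf("no limit:     %ld MiB\n", grow_under_limit(0, 96 * CHUNK) / (long)CHUNK);
    printf("32 MiB limit: %ld MiB\n", grow_under_limit(32 * CHUNK, 96 * CHUNK) / (long)CHUNK);
    return 0;
}
```

With the limit in place the allocation fails inside the one process that is growing, so the kernel never has to pick a process to kill.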
