TUCoPS :: Unix :: General :: gauntlet.htm

Gauntlet firewall possible DoS 
Vulnerability

    Gauntlet

Affected

    Systems running Gauntlet firewall

Description

    Jimmy L.  Alderson found  possible Gauntlet  DoS.   What he did to
    start this problem  was telnet to  port 25 of  his lan server  and
    sent mail to a non-existent address from a nonexistent user so  it
    would look like this if our user name was really "jimmy":

        mail from: jim@realdoamin.com
        ...sender ok
        rcpt to: lkdjf09w4olkjfs9
        ... reciever ok
        data
        quit using a .
        test
        .
        quit
        sending mail now

    This caused the  server to forward  the mail to  the bastion host.
    The bastion  host spooled  the mail,  realized it  couldnt send it
    out and bounced it  back to the lan  server.  The lan  server said
    "I dont know no steeenkin jim, he is not a user on my system,  and
    bounced it back to the bastion host... and so on and so on and  so
    on.  The filesystem on  the bastion host eventually filled  up and
    BOOM no more mail.

Solution

    Nothing yet.

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH