|
Vulnerability Gauntlet Affected Systems running Gauntlet firewall Description Jimmy L. Alderson found possible Gauntlet DoS. What he did to start this problem was telnet to port 25 of his lan server and sent mail to a non-existent address from a nonexistent user so it would look like this if our user name was really "jimmy": mail from: jim@realdoamin.com ...sender ok rcpt to: lkdjf09w4olkjfs9 ... reciever ok data quit using a . test . quit sending mail now This caused the server to forward the mail to the bastion host. The bastion host spooled the mail, realized it couldnt send it out and bounced it back to the lan server. The lan server said "I dont know no steeenkin jim, he is not a user on my system, and bounced it back to the bastion host... and so on and so on and so on. The filesystem on the bastion host eventually filled up and BOOM no more mail. Solution Nothing yet.