[Raw Msg Headers][Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Zmailer denial-of-service attack
The following message will cause the Zmailer 2.99.26 (probably
earlier versions too) router to dump core.
-----------------------------
external
rcvdfrom cnossus.sdf.com ([204.191.196.36])
with SMTP
channel error
to <tom@sdf.com>
env-end
From: somebody <>
To: tom@sdf.com
Test
-----------------------------
This kind of message is easy to create via a mail client like Eudora,
and if you send a few copies, it will quickly kill off all routers,
stopping all mail processing. I'd recommend that everyone test that
their router works properly by put the above message into a file, mode
0600, and move it into the $POSTOFFICE/router directory.
The problem is in ~/router/rfc822.c in the prctladdr() function. The
problem appears to be a double pointer dereference.
The following patch removes the extra "*".
*** rfc822.c.orig Mon Feb 12 02:24:42 1996
--- rfc822.c Mon Feb 12 02:25:03 1996
***************
*** 1942,1948 ****
} else
x = l;
if (x != NULL) {
! if (*x->string == '\0')
putc('-', fp);
else
fprintf(fp, "%s", x->string);
--- 1942,1948 ----
} else
x = l;
if (x != NULL) {
! if (x->string == '\0')
putc('-', fp);
else
fprintf(fp, "%s", x->string);
Tom