COMMAND

    Seattle Lab Sendmail

SYSTEMS AFFECTED

    Win NT

PROBLEM

    Mnemonix  found  following.   The  latest  version  of  SLMail  is
    susceptible to a denial of service attack whereby if the encrypted
    password  of  the  user  account  is  the default 24 characters in
    length plus another  177 charcters (making  201 characters all  in
    all) and the user, whose  account it is, attempts to  authenticate
    to  the  POP3  service  (slmail.exe)  the  process dies needing an
    administrator to restart the service.  When the slmail.exe process
    is studied  in NTRegMon  you can  see what's  happening:  the USER
    command causes  a spill  when slmail.exe  checks the  registry for
    the user  account's existence  but it  is only  after it  checks a
    second time, after  the PASS command,   that the process  actually
    dies.

    The previous issue Mnemonix  had with earlier version  whereby the
    Everyone  group  has  "set  value"  permissions  to  the  relevant
    registry keys still applies.

SOLUTION

    Seattle Lab has  issued a new  release of SLmail  3.1 (Build 2961)
    which contains fixes for all known Denial of Service attacks.