COMMAND

    Seattle Lab Sendmail

SYSTEMS AFFECTED

    Win NT with SLMail 3.1

PROBLEM

    Mnemonix found the following.  SLMail's SMTP service (slsmtp.exe)
    is susceptible to a denial of service attack: a remote attacker
    can telnet to port 25 and issue any of the following commands,
    each of which sets the slsmtp.exe process running at 100%.

        send (
        vrfy (
        expn (
        mail from: (
        rcpt to: (

    slsmtp.exe obviously doesn't like left brackets.  While the
    process is in this state you can still telnet to port 25 and
    connect, but you will get no response from the SMTP service.  This
    attack is more likely to occur than the POP3 DoS because, if the
    mail server is accessible from the Internet, it can be launched by
    anyone from anywhere.
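
    To find sessions that sent one of the commands above with an
    unclosed left bracket, the following added example (not part of
    the original advisory or of SLMail) scans SMTP command logs.  The
    log layout "client_ip command", the function names and the sample
    lines are assumptions made for illustration.

```python
import re

# SMTP verbs named in the advisory; "mail from:" and "rcpt to:" carry a colon.
VERBS = re.compile(r"^\s*(send\b|vrfy\b|expn\b|mail\s+from:|rcpt\s+to:)\s*(.*)$", re.I)

def unclosed_paren(arg):
    """Return True if arg has a '(' with no matching ')'.
    Backslash-escaped characters and double-quoted strings are skipped."""
    depth, in_quotes, i = 0, False, 0
    while i < len(arg):
        ch = arg[i]
        if ch == "\\":          # skip the escaped character
            i += 2
            continue
        if ch == '"' and depth == 0:
            in_quotes = not in_quotes
        elif not in_quotes:
            if ch == "(":
                depth += 1
            elif ch == ")" and depth > 0:
                depth -= 1
        i += 1
    return depth > 0

def flag_sessions(lines):
    """lines: iterable of 'client_ip<space>raw SMTP command' (assumed layout).
    Returns a list of (client_ip, command) pairs worth investigating."""
    hits = []
    for line in lines:
        ip, _, cmd = line.rstrip("\r\n").partition(" ")
        m = VERBS.match(cmd)
        if m and unclosed_paren(m.group(2)):
            hits.append((ip, cmd.strip()))
    return hits

# Constructed sample log lines (documentation address ranges), not captured traffic.
SAMPLE = [
    "192.0.2.10 HELO client.example",
    "192.0.2.10 MAIL FROM:<alice@example.com>",
    "198.51.100.7 vrfy (",
    "198.51.100.7 mail from: (",
    "203.0.113.5 RCPT TO:<bob@example.com> (office)",
    '203.0.113.5 VRFY "odd(name"',
    "203.0.113.9 expn (list",
]

if __name__ == "__main__":
    for ip, cmd in flag_sessions(SAMPLE):
        print(f"{ip}\t{cmd}")
```

    Balanced brackets and brackets inside quoted strings are not
    flagged, so a hit alongside a slsmtp.exe process pinned at 100%
    points at the source address to block while the fixed build is
    rolled out.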

SOLUTION

    Seattle Lab has issued a new release of SLMail 3.1 (Build 2961)
    which contains fixes for all known Denial of Service attacks.