lotus-notes-smtp-DoS.txt

1999-08-17T00:00:00
ID PACKETSTORM:12345
Type packetstorm
Reporter Packet Storm
Modified 1999-08-17T00:00:00

Description

                                        
                                            `Date: Fri, 15 Jan 1999 00:52:53 PST  
From: Siva Sankar Adiraju <adirajus@HOTMAIL.COM>  
To: BUGTRAQ@netspace.org  
Subject: Lotus Notes SMTP Server bug  
  
There is a security bug in IBM's Lotus Notes SMTP server. eg. An SMTP  
session:  
  
helo a  
250 notes.foo.com  
helo b  
500 Session already established. The domain name [b] passed in with HELO  
will be ignored. The current domain name of sending SMTP is [a].  
  
If the strings `a' and `b' are very long (2048 chars), the Notes  
SMTP server starts consuming CPU and crashes. A remote denial-of-  
service. No workaround is known to me.  
  
The bug exists with Notes on both Solaris and Windows platforms.  
  
PS: This is not related to the gethostbyname() bug in Solaris 2.5.  
  
--  
Kapil Chowksey  
  
`