On Wed, 30 Aug 2006, James Zuelow wrote:
> Is anyone seeing evidence of this in the wild?
>
> http://www.incidents.org/diary.php?storyid=3D1651&isc=3Da9d4e300efcd589f9=
> 5b1
> 64815f1ac114
>
> It doesn't look like there are many patches out for this particular
> issue - except for the OpenBSD patch mentioned on the handler's diary,
> all I see on the net are patches for the MIME DOS (July). We have a
> sendmail instance that has crashed a few times today, and I'm curious if
> other people are seeing the same.
I have yet to see this hit my networks. I'm going to have to test the long
header line bit myself, since I would think that limits like
confMAX_MIME_HEADER_LENGTH & confMAX_HEADERS_LENGTH (which you should be
limiting regardless) would prevent such attacks...
<later>
Testing 8.13.7 with the long headers bit seems to be immune to the DoS
attacks using the settings used above. Anyone else able to reproduce this?
BTW, 8.13.8 plus the one errata patch fixes the problem from what I could
glean from the various alerts.
--Arthur Corliss
Bolverk's Lair -- http://arthur.corlissfamily.org/
Digital Mages -- http://www.digitalmages.com/
"Live Free or Die, the Only Way to Live" -- NH State Motto
---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.
Received on Wed Aug 30 23:58:17 2006
This archive was generated by hypermail 2.1.8 : Wed Aug 30 2006 - 23:58:17 AKDT