Mailscanner on Solaris 9 *not* protected from "zip of death"
jim at ENTROPHY-FREE.NET
Thu Nov 28 16:08:01 GMT 2002
On Thu, 2002-11-28 at 04:33, D.M.Chapman wrote:
> Ok, I have been doing some digging following my recent email about
> mailscanner failing to detect a Denial of Service attack and I may have
> turned up a fairly serious issue with solaris 9. Bewarned, this is long :-)
> Executive Summary:
> If you are running mailscanner on Solaris 9 and you are using the Sun
> supplied version of perl then you are probably *not* protected against
> a "zip of death" denial of service attack. We certainly were not :-(
You are filing a bug report with Sun on this, right?
The instructions said to use Windows 98 or better, so I installed RedHat
Jim Levie email:
jim at entrophy-free.net
More information about the MailScanner